CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2017-11025 362 Mem. Corr. 2017-11-16 2017-11-30
4.4
None Local Medium Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur.
502 CVE-2017-11024 416 2017-11-16 2017-11-30
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB control driver can potentially lead to a Use After Free condition.
503 CVE-2017-11023 264 2017-11-16 2017-11-30
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads.
504 CVE-2017-11022 200 +Info 2017-11-16 2017-11-30
5.0
None Remote Low Not required Partial None None
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impact the user's privacy if someone sniffs the probe requests originated by this DUT. Hence, control the presence of information elements using ini file.
505 CVE-2017-11019 119 Overflow 2017-12-05 2017-12-19
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the fd allocated during the get_metadata was not closed even though the buffer allocated to the fd was freed. This resulted in a failure during exit sequence.
506 CVE-2017-11018 119 Overflow 2017-11-16 2017-11-30
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur in the camera driver in the kernel
507 CVE-2017-11017 119 Overflow 2017-11-16 2017-11-30
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI image, it is possible to corrupt memory, or access uninitialized memory.
508 CVE-2017-11016 264 2017-12-05 2017-12-19
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation fails while creating a calibration block in create_cal_block stale pointers are left uncleared.
509 CVE-2017-11015 264 Overflow 2017-11-16 2017-11-30
9.3
None Remote Medium Not required Complete Complete Complete
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the driver can not handle challenge text larger than 128 bytes.
510 CVE-2017-11014 264 Overflow 2017-11-16 2017-11-30
9.3
None Remote Medium Not required Complete Complete Complete
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur.
511 CVE-2017-11013 264 2017-11-16 2017-11-30
9.3
None Remote Medium Not required Complete Complete Complete
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound".
512 CVE-2017-11012 264 Overflow 2017-11-16 2017-11-30
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211 vendor command a stack-based buffer overflow can occur.
513 CVE-2017-11010 284 2018-03-30 2018-04-23
10.0
None Remote Low Not required Complete Complete Complete
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected.
514 CVE-2017-11007 119 Overflow 2017-12-05 2017-12-15
7.2
None Local Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name while converting ascii string to unicode string in function HandleMetaImgFlash.
515 CVE-2017-11006 416 2017-12-05 2017-12-15
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during positioning.
516 CVE-2017-11005 416 2017-12-05 2017-12-15
10.0
None Remote Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during a deinitialization path.
517 CVE-2017-11003 264 2018-01-10 2018-01-29
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size.
518 CVE-2017-11002 200 +Info 2017-09-21 2017-09-26
4.3
None Remote Medium Not required Partial None None
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur.
519 CVE-2017-11001 200 +Info 2017-09-21 2017-09-26
4.3
None Remote Medium Not required Partial None None
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.
520 CVE-2017-11000 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write.
521 CVE-2017-10999 264 Mem. Corr. 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks.
522 CVE-2017-10998 264 Overflow 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operation could overflow and produce a result far below the valid region.
523 CVE-2017-10997 264 Mem. Corr. 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.
524 CVE-2017-10996 200 +Info 2017-09-21 2017-09-26
7.1
None Remote Medium Not required Complete None None
In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds access.
525 CVE-2017-10709 254 Bypass 2017-06-30 2017-07-06
7.2
None Local Low Not required Complete Complete Complete
The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess.
526 CVE-2017-9725 264 2017-09-21 2018-04-18
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.
527 CVE-2017-9724 264 2017-09-21 2017-09-26
9.3
None Remote Medium Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address.
528 CVE-2017-9723 119 Overflow 2018-03-30 2018-04-27
4.6
None Local Low Not required Partial Partial Partial
The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack.
529 CVE-2017-9722 119 Overflow 2017-12-05 2017-12-15
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when updating custom EDID (hdmi_tx_sysfs_wta_edid), if edid_size, which is controlled by userspace, is too large, a buffer overflow occurs.
530 CVE-2017-9721 119 Overflow 2017-11-16 2017-11-30
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image.
531 CVE-2017-9720 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.
532 CVE-2017-9719 119 Overflow 2017-11-16 2017-12-01
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame size is out of range.
533 CVE-2017-9718 119 Overflow 2017-12-05 2017-12-15
4.4
None Local Medium Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite.
534 CVE-2017-9717 119 Overflow 2017-10-10 2017-10-27
5.0
None Remote Low Not required Partial None None
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.
535 CVE-2017-9716 264 2017-12-05 2017-12-20
7.2
None Local Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qbt1000 driver implements an alternative channel for usermode applications to talk to QSEE applications.
536 CVE-2017-9715 119 Overflow 2017-10-10 2017-10-19
5.0
None Remote Low Not required Partial None None
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.
537 CVE-2017-9714 119 Overflow 2017-10-10 2017-10-19
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request.
538 CVE-2017-9712 119 Overflow 2018-01-10 2018-01-26
5.0
None Remote Low Not required Partial None None
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs.
539 CVE-2017-9710 119 Overflow 2017-12-05 2017-12-15
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts which can result in buffer overflow of msg cache.
540 CVE-2017-9709 264 2017-12-05 2017-12-15
7.5
None Remote Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a privilege escalation vulnerability exists in telephony.
541 CVE-2017-9708 362 2017-12-05 2017-12-15
4.4
None Local Medium Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a race condition can occur in variable "*reg_ptr" of sub function "msm_camera_config_single_vreg".
542 CVE-2017-9706 119 Overflow 2017-10-10 2017-10-19
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver.
543 CVE-2017-9705 415 2018-01-10 2018-01-26
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers.
544 CVE-2017-9703 416 2017-12-05 2017-12-15
4.4
None Local Medium Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a Camera driver can lead to a Use After Free condition.
545 CVE-2017-9702 264 2017-11-16 2017-12-01
4.6
None Local Low Not required Partial Partial Partial
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is directly accessed in a camera driver.
546 CVE-2017-9701 200 +Info 2017-11-16 2017-12-01
5.0
None Remote Low Not required Partial None None
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory.
547 CVE-2017-9700 119 Overflow 2017-12-05 2017-12-15
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer overwrite is possible in fw_name_store if image name is 64 characters.
548 CVE-2017-9698 119 Overflow 2017-12-05 2017-12-15
4.6
None Local Low Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improperly specified offset/size values for a submission command could cause a math operation to overflow and could result in an access to arbitrary memory. The combined pointer will overflow and possibly pass further checks intended to avoid accessing unintended memory.
549 CVE-2017-9697 362 2017-10-10 2017-10-19
4.4
None Local Medium Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table.
550 CVE-2017-9696 200 +Info 2017-11-16 2017-12-01
5.0
None Remote Low Not required Partial None None
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer over-read is possible in camera driver function msm_isp_stop_stats_stream. Variable stream_cfg_cmd->num_streams is from userspace, and it is not checked against "MSM_ISP_STATS_MAX".
Total number of vulnerabilities : 2004   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.