| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
251 |
CVE-2017-13168 |
264 |
|
|
2017-12-06 |
2017-12-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. |
|
252 |
CVE-2017-13167 |
264 |
|
|
2017-12-06 |
2018-01-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993. |
|
253 |
CVE-2017-13166 |
264 |
|
|
2017-12-06 |
2018-05-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. |
|
254 |
CVE-2017-13165 |
264 |
|
|
2017-12-06 |
2017-12-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937. |
|
255 |
CVE-2017-13164 |
200 |
|
+Info |
2017-12-06 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure vulnerability in the kernel binder driver. Product: Android. Versions: Android kernel. Android ID A-36007193. |
|
256 |
CVE-2017-13163 |
264 |
|
|
2017-12-06 |
2017-12-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An elevation of privilege vulnerability in the kernel mtp usb driver. Product: Android. Versions: Android kernel. Android ID A-37429972. |
|
257 |
CVE-2017-13162 |
264 |
|
|
2017-12-06 |
2017-12-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036. |
|
258 |
CVE-2017-13161 |
264 |
|
|
2017-12-06 |
2017-12-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID A-63930471. References: BC-V2017092501. |
|
259 |
CVE-2017-13160 |
264 |
|
Exec Code |
2017-12-06 |
2017-12-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362. |
|
260 |
CVE-2017-13159 |
200 |
|
+Info |
2017-12-06 |
2017-12-18 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879772. |
|
261 |
CVE-2017-13158 |
200 |
|
+Info |
2017-12-06 |
2017-12-18 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879915. |
|
262 |
CVE-2017-13157 |
200 |
|
+Info |
2017-12-06 |
2017-12-18 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32990341. |
|
263 |
CVE-2017-13156 |
264 |
|
|
2017-12-06 |
2017-12-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. |
|
264 |
CVE-2017-13154 |
264 |
|
|
2017-12-06 |
2017-12-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. |
|
265 |
CVE-2017-13153 |
264 |
|
|
2017-12-06 |
2017-12-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product: Android. Versions: 8.0. Android ID A-65280854. |
|
266 |
CVE-2017-13152 |
200 |
|
+Info |
2017-12-06 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure vulnerability in the Android media framework (libmedia drm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62872384. |
|
267 |
CVE-2017-13151 |
264 |
|
Exec Code |
2017-12-06 |
2017-12-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456. |
|
268 |
CVE-2017-13150 |
200 |
|
+Info |
2017-12-06 |
2017-12-19 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132. |
|
269 |
CVE-2017-13149 |
200 |
|
+Info |
2017-12-06 |
2017-12-19 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. |
|
270 |
CVE-2017-13148 |
20 |
|
DoS |
2017-12-06 |
2017-12-18 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533. |
|
271 |
CVE-2017-11093 |
200 |
|
+Info |
2017-11-16 |
2017-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed. |
|
272 |
CVE-2017-11092 |
416 |
|
|
2017-11-16 |
2017-11-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl_gpu_command, a Use After Free condition can potentially occur. |
|
273 |
CVE-2017-11091 |
416 |
|
|
2017-11-16 |
2017-11-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free condition can potentially occur due to a fence being installed too early. |
|
274 |
CVE-2017-11090 |
200 |
|
+Info |
2017-11-16 |
2017-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN bytes. |
|
275 |
CVE-2017-11089 |
200 |
|
+Info |
2017-11-16 |
2018-04-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes |
|
276 |
CVE-2017-11087 |
200 |
|
+Info |
2018-03-30 |
2018-04-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver. |
|
277 |
CVE-2017-11085 |
190 |
|
Overflow |
2017-11-16 |
2017-11-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msm_audio_effects_virtualizer_handler, file msm-audio-effects-q6-v2.c |
|
278 |
CVE-2017-11082 |
119 |
|
Overflow |
2018-03-16 |
2018-04-05 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs. |
|
279 |
CVE-2017-11081 |
119 |
|
Overflow |
2018-01-10 |
2018-01-26 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can hold maximum 32 bytes but data more than 32 bytes can get copied. |
|
280 |
CVE-2017-11080 |
119 |
|
Overflow |
2018-01-10 |
2018-01-26 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296. |
|
281 |
CVE-2017-11079 |
200 |
|
+Info |
2018-01-10 |
2018-01-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size. |
|
282 |
CVE-2017-11075 |
416 |
|
|
2018-04-03 |
2018-05-14 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free condition can potentially occur in wdsp_glink_write(). |
|
283 |
CVE-2017-11074 |
264 |
|
|
2018-03-16 |
2018-04-05 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API. |
|
284 |
CVE-2017-11073 |
264 |
|
|
2017-11-16 |
2017-11-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qcacld pktlog allows mapping memory via /proc/ath_pktlog/cld to user space. |
|
285 |
CVE-2017-11072 |
119 |
|
Overflow |
2018-01-16 |
2018-02-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header fields with partition entries greater than 16384 buffer overflow occurs. |
|
286 |
CVE-2017-11069 |
119 |
|
Overflow |
2018-01-10 |
2018-01-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, manipulation of SafeSwitch Image data can result in Heap overflow. |
|
287 |
CVE-2017-11067 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentially lead to the use of an out-of-range pointer offset. |
|
288 |
CVE-2017-11066 |
200 |
|
+Info |
2018-01-10 |
2018-01-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing ubi image an uninitialized memory could be accessed. |
|
289 |
CVE-2017-11064 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36815952. References: QC-CR#2054770, QC-CR#2058447, QC-CR#2066628, QC-CR#2087785 |
|
290 |
CVE-2017-11063 |
362 |
|
|
2017-10-10 |
2017-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur. |
|
291 |
CVE-2017-11062 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentially lead to a buffer overread. |
|
292 |
CVE-2017-11061 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing cfg80211 vendor sub command QCA_NL80211_VENDOR_SUBCMD_ROAM, a buffer over-read can occur. |
|
293 |
CVE-2017-11060 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36817548. References: QC-CR#2058447, QC-CR#2054770. |
|
294 |
CVE-2017-11059 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow. |
|
295 |
CVE-2017-11058 |
125 |
|
|
2017-11-16 |
2017-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. |
|
296 |
CVE-2017-11057 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address. |
|
297 |
CVE-2017-11056 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault. |
|
298 |
CVE-2017-11055 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur. |
|
299 |
CVE-2017-11054 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. |
|
300 |
CVE-2017-11053 |
119 |
|
Overflow |
2017-10-10 |
2017-10-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame(). |
