# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2017-13715 |
665 |
|
DoS Exec Code |
2017-08-29 |
2022-01-31 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a single crafted MPLS packet. |
2 |
CVE-2017-12762 |
119 |
|
Overflow |
2017-08-09 |
2018-04-06 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree. |
3 |
CVE-2017-7895 |
119 |
|
Overflow |
2017-04-28 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. |
4 |
CVE-2017-6264 |
125 |
|
Exec Code |
2017-11-14 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution in the kernel.This issue is rated as high because it could allow a local malicious application to execute arbitrary code within the context of a privileged process. Product: Android. Version: N/A. Android ID: A-34705430. References: N-CVE-2017-6264. |
5 |
CVE-2017-0648 |
|
|
Exec Code |
2017-06-14 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-36101220. |
6 |
CVE-2017-0564 |
|
|
Exec Code |
2017-04-07 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203. |
7 |
CVE-2017-0563 |
345 |
|
Exec Code |
2017-04-07 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32089409. |
8 |
CVE-2017-0561 |
787 |
|
Exec Code |
2017-04-07 |
2019-10-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814. |
9 |
CVE-2017-0528 |
|
|
Exec Code Bypass |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919. |
10 |
CVE-2017-0510 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32402555. |
11 |
CVE-2017-0508 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33940449. |
12 |
CVE-2017-0507 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31992382. |
13 |
CVE-2017-0455 |
200 |
|
Exec Code Bypass +Info |
2017-03-08 |
2017-07-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-32370952. References: QC-CR#1082755. |
14 |
CVE-2017-0430 |
|
|
Exec Code |
2017-02-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32838767. References: B-RB#107459. |
15 |
CVE-2017-0429 |
787 |
|
Exec Code |
2017-02-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32636619. References: N-CVE-2017-0429. |
16 |
CVE-2017-0428 |
416 |
|
Exec Code |
2017-02-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32401526. References: N-CVE-2017-0428. |
17 |
CVE-2017-0427 |
|
|
Exec Code |
2017-02-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31495866. |
18 |
CVE-2017-0338 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33057977. References: N-CVE-2017-0338. |
19 |
CVE-2017-0337 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-31992762. References: N-CVE-2017-0337. |
20 |
CVE-2017-0335 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33043375. References: N-CVE-2017-0335. |
21 |
CVE-2017-0333 |
|
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33899363. References: N-CVE-2017-0333. |
22 |
CVE-2017-0331 |
367 |
|
Exec Code |
2017-05-02 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. References: N-CVE-2017-0331. |
23 |
CVE-2017-0307 |
190 |
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33177895. References: N-CVE-2017-0307. |
24 |
CVE-2017-0306 |
120 |
|
Exec Code |
2017-03-08 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306. |
25 |
CVE-2016-10277 |
264 |
|
Exec Code |
2017-05-12 |
2017-09-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33840490. |
26 |
CVE-2016-10229 |
358 |
|
Exec Code |
2017-04-04 |
2017-09-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. |
27 |
CVE-2016-10150 |
264 |
|
DoS +Priv |
2017-02-06 |
2017-02-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device. |
28 |
CVE-2016-8479 |
264 |
|
Exec Code |
2017-03-08 |
2017-07-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31824853. References: QC-CR#1093687. |
29 |
CVE-2016-8459 |
119 |
|
Overflow |
2017-01-12 |
2017-01-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462. |
30 |
CVE-2016-8455 |
264 |
|
Exec Code |
2017-01-12 |
2017-01-24 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32219121. References: B-RB#106311. |
31 |
CVE-2016-8440 |
119 |
|
Overflow |
2017-01-12 |
2017-01-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747. |
32 |
CVE-2016-8439 |
119 |
|
Overflow |
2017-01-12 |
2017-01-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804. |
33 |
CVE-2016-8438 |
190 |
|
Overflow Bypass |
2017-01-12 |
2017-01-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638. |
34 |
CVE-2016-8437 |
20 |
|
|
2017-01-12 |
2017-01-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695. |
35 |
CVE-2016-8436 |
264 |
|
Exec Code |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32450261. References: QC-CR#1007860. |
36 |
CVE-2016-8435 |
284 |
|
Exec Code |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32700935. References: N-CVE-2016-8435. |
37 |
CVE-2016-8434 |
284 |
|
Exec Code |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32125137. References: QC-CR#1081855. |
38 |
CVE-2016-8432 |
264 |
|
Exec Code |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. References: N-CVE-2016-8432. |
39 |
CVE-2016-8431 |
264 |
|
Exec Code |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32402179. References: N-CVE-2016-8431. |
40 |
CVE-2016-8430 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32225180. References: N-CVE-2016-8430. |
41 |
CVE-2016-8429 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429. |
42 |
CVE-2016-8428 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31993456. References: N-CVE-2016-8428. |
43 |
CVE-2016-8427 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799885. References: N-CVE-2016-8427. |
44 |
CVE-2016-8426 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799206. References: N-CVE-2016-8426. |
45 |
CVE-2016-8425 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31797770. References: N-CVE-2016-8425. |
46 |
CVE-2016-8424 |
264 |
|
Exec Code |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31606947. References: N-CVE-2016-8424. |
47 |
CVE-2016-8398 |
254 |
|
|
2017-01-12 |
2017-01-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705. |
48 |
CVE-2016-6790 |
284 |
|
Exec Code +Priv |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251628. References: N-CVE-2016-6790. |
49 |
CVE-2016-6789 |
284 |
|
Exec Code +Priv |
2017-01-12 |
2017-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251973. References: N-CVE-2016-6789. |
50 |
CVE-2016-6785 |
284 |
|
Exec Code |
2017-01-12 |
2017-01-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31748056. References: MT-ALPS02961400. |