| Month | Quarter | Year |
|---|---|---|
| #37 | #36 | #N/A |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2017-15828 | CWE-190 | Integer Overflow or Wraparound | 7.8 |
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.
|
|||
| CVE-2017-15825 | CWE-125 | Out-of-bounds Read | 7.8 |
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a gpt update, an out of bounds memory access may potentially occur.
|
|||
| CVE-2017-15824 | CWE-119 | Buffer Errors | 5.5 |
|
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory.
|
|||
| CVE-2017-15818 | CWE-190 | Integer Overflow or Wraparound | 7.8 |
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size.
|
|||
| CVE-2017-14893 | CWE-125 | Out-of-bounds Read | 5.5 |
|
While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
|
|||
| CVE-2017-14876 | CWE-787 | Out-of-bounds Write | 9.8 |
|
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write.
|
|||
| CVE-2017-14872 | CWE-125 | Out-of-bounds Read | 5.5 |
|
While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
|
|||
| CVE-2017-14870 | CWE-200 | Information Leak / Disclosure | 7.5 |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked.
|
|||
| CVE-2017-14869 | CWE-200 | Information Leak / Disclosure | 7.5 |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while performing update of FOTA partition, uninitialized data can be pushed to storage.
|
|||
| CVE-2017-11080 | CWE-119 | Buffer Errors | 7.8 |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296.
|
|||