| Month | Quarter | Year |
|---|---|---|
| #97 | #80 | #N/A |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2019-2025 | CWE-416 | Use After Free | 7.8 |
|
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel
|
|||
| CVE-2018-6271 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
|
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.
|
|||
| CVE-2018-6268 | CWE-416 | Use After Free | 7.8 |
|
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.
|
|||
| CVE-2018-6254 | CWE-125 | Out-of-bounds Read | 3.3 |
|
In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference: N-CVE-2018-6254.
|
|||
| CVE-2018-11261 | CWE-416 | Use After Free | 7.8 |
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible Use-after-free issue in Media Codec process. Any application using codec service will be affected.
|
|||
| CVE-2017-6287 | CWE-125 | Out-of-bounds Read | 5.5 |
|
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate.Product: Android. Version: N/A. Android: A-64893264. Reference: N-CVE-2017-6287.
|
|||
| CVE-2017-6286 | CWE-787 | Out-of-bounds Write | 7.8 |
|
NVIDIA libnvomx contains a possible out of bounds write due to a missing bounds check which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-64893247. Reference: N-CVE-2017-6286.
|
|||
| CVE-2017-6285 | CWE-125 | Out-of-bounds Read | 5.5 |
|
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate. Product: Android. Version: N/A. Android: A-64893156. Reference: N-CVE-2017-6285.
|
|||
| CVE-2017-6281 | CWE-787 | Out-of-bounds Write | 7.8 |
|
NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-66969318. Reference: N-CVE-2017-6281.
|
|||
| CVE-2017-6279 | CWE-787 | Out-of-bounds Write | 7.8 |
|
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: Android. Version: N/A. Android: A-65023166. Reference: N-CVE-2017-6279.
|
|||