| Month | Quarter | Year |
|---|---|---|
| #N/A | #N/A | #N/A |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2018-9519 | CWE-362 | Race Conditions | 6.4 |
|
In easelcomm_hw_build_scatterlist, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System privileges required. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-69808833.
|
|||
| CVE-2018-9507 | CWE-125 | Out-of-bounds Read | 6.5 |
|
In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111893951
|
|||
| CVE-2018-9506 | CWE-125 | Out-of-bounds Read | 6.5 |
|
In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111803925
|
|||
| CVE-2018-5897 | CWE-119 | Buffer Errors | 7.5 |
|
While reading the data from buffer in dci_process_ctrl_status() there can be buffer over-read problem if the len is not checked correctly in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
|
|||
| CVE-2018-5896 | CWE-125 | Out-of-bounds Read | 7.1 |
|
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied.
|
|||
| CVE-2018-5832 | CWE-416 | Use After Free | 7.0 |
|
Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur.
|
|||
| CVE-2018-11818 | CWE-416 | Use After Free | 7.0 |
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race condition.
|
|||
| CVE-2017-9720 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.
|
|||
| CVE-2017-9717 | CWE-119 | Buffer Errors | 7.5 |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.
|
|||
| CVE-2017-9715 | CWE-119 | Buffer Errors | 7.5 |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.
|
|||