| Month | Quarter | Year |
|---|---|---|
| #11 | #11 | #12 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2017-7368 | CWE-362 | Race Conditions | 7.0 |
|
In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver.
|
|||
| CVE-2017-6287 | CWE-125 | Out-of-bounds Read | 5.5 |
|
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate.Product: Android. Version: N/A. Android: A-64893264. Reference: N-CVE-2017-6287.
|
|||
| CVE-2017-6286 | CWE-787 | Out-of-bounds Write | 7.8 |
|
NVIDIA libnvomx contains a possible out of bounds write due to a missing bounds check which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-64893247. Reference: N-CVE-2017-6286.
|
|||
| CVE-2017-6285 | CWE-125 | Out-of-bounds Read | 5.5 |
|
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate. Product: Android. Version: N/A. Android: A-64893156. Reference: N-CVE-2017-6285.
|
|||
| CVE-2017-6281 | CWE-787 | Out-of-bounds Write | 7.8 |
|
NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-66969318. Reference: N-CVE-2017-6281.
|
|||
| CVE-2017-6279 | CWE-787 | Out-of-bounds Write | 7.8 |
|
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: Android. Version: N/A. Android: A-65023166. Reference: N-CVE-2017-6279.
|
|||
| CVE-2017-6276 | CWE-416 | Use After Free | 7.8 |
|
NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android: A-63802421. References: N-CVE-2017-6276.
|
|||
| CVE-2017-6275 | CWE-200 | Information Leak / Disclosure | 7.5 |
|
An information disclosure vulnerability exists in the Thermal Driver, where a missing bounds checking in the thermal driver could allow a read from an arbitrary kernel address. This issue is rated as moderate. Product: Pixel. Versions: N/A. Android ID: A-34702397. References: N-CVE-2017-6275.
|
|||
| CVE-2017-6274 | CWE-787 | Out-of-bounds Write | 9.8 |
|
An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-34705801. References: N-CVE-2017-6274.
|
|||
| CVE-2017-6264 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
|
An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution in the kernel.This issue is rated as high because it could allow a local malicious application to execute arbitrary code within the context of a privileged process. Product: Android. Version: N/A. Android ID: A-34705430. References: N-CVE-2017-6264.
|
|||