CVE-2018-9568
- EPSS 0.72%
- Veröffentlicht 06.12.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 04:15:43
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...
CVE-2018-9538
- EPSS 0.17%
- Veröffentlicht 06.12.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:39
In V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2_slice_video_decode_accelerator.cc, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with no additional ...
CVE-2018-15835
- EPSS 2.03%
- Veröffentlicht 30.11.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:51:32
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983.
CVE-2018-11914
- EPSS 0.18%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:15
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /systemrw/ which presents a potential security.
CVE-2018-11918
- EPSS 0.17%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:15
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with an error code.
CVE-2018-11919
- EPSS 0.21%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:15
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a potential heap overflow and memory corruption due to improper error handling in SOC infrastructure.
CVE-2018-11943
- EPSS 0.17%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:18
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to processing of unintialized data buffers.
CVE-2018-11946
- EPSS 0.27%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:18
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without authentication.
CVE-2018-11956
- EPSS 0.18%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:19
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue.
CVE-2018-11995
- EPSS 0.2%
- Veröffentlicht 27.11.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:44:23
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.