CVE-2017-14875
- EPSS 0.12%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:40
In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.
CVE-2017-14876
- EPSS 0.17%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:40
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds w...
CVE-2017-14877
- EPSS 0.2%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:41
While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cmd IPA_IOC_QUERY_RT_TBL_INDEX while another sends an...
CVE-2017-14881
- EPSS 0.2%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:41
While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.
CVE-2017-14883
- EPSS 0.18%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:41
In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then th...
CVE-2017-14891
- EPSS 0.09%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:42
In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable.
CVE-2017-14892
- EPSS 0.02%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:13:42
In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access.
CVE-2017-15823
- EPSS 0.02%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:15:17
In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow.
CVE-2017-15826
- EPSS 0.01%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:15:18
Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.
CVE-2017-15846
- EPSS 0.02%
- Published 30.03.2018 21:29:00
- Last modified 21.11.2024 03:15:19
In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur.