CVE-2018-5847
- EPSS 0.17%
- Veröffentlicht 12.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:32
Early or late retirement of rotation requests can result in a Use After Free condition in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-5848
- EPSS 0.37%
- Veröffentlicht 12.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:32
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS...
CVE-2017-7759
- EPSS 0.68%
- Veröffentlicht 11.06.2018 21:29:08
- Zuletzt bearbeitet 21.11.2024 03:32:36
Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Andro...
CVE-2017-6290
- EPSS 0.19%
- Veröffentlicht 07.06.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:29:28
In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. User inte...
CVE-2017-6292
- EPSS 0.19%
- Veröffentlicht 07.06.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:29:28
In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges nee...
CVE-2017-6294
- EPSS 0.16%
- Veröffentlicht 07.06.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:29:29
In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for ex...
CVE-2017-18154
- EPSS 0.17%
- Veröffentlicht 06.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:27
A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3562
- EPSS 0.32%
- Veröffentlicht 06.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:40
Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3565
- EPSS 0.39%
- Veröffentlicht 06.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:40
While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur.
CVE-2018-3578
- EPSS 0.46%
- Veröffentlicht 06.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:42
Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kerne...