Google ≫ Android

In all Android releases from CAF using the Linux kernel, a KGSL ioctl was not validating all of its parameters.

In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.

In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver.

In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption.

In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth.

In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.

In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.

In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write.

In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.