Max CVSS 10.0 Min CVSS 2.1 Total Count29
IDCVSSSummaryLast (major) updatePublished
CVE-2017-9723 4.6
The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-17771 4.6
In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-17769 2.1
Information leakage in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the audio driver.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-17766 7.5
In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allo
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15859 5.0
While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15852 4.6
Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15846 4.6
In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15826 4.4
Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15823 4.6
In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14892 4.6
In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14891 5.0
In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14883 7.5
In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then th
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14881 7.5
While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14877 7.5
While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cmd IPA_IOC_QUERY_RT_TBL_INDEX while another sends an
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14876 7.5
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds w
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14875 5.0
In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-11087 5.0
libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-13246 5.0
A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13245 4.6
A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versions: Android kernel. ID: A-64315347.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13244 4.6
A elevation of privilege vulnerability in the Upstream kernel easel. Product: Android. Versions: Android kernel. ID: A-62678986.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13243 5.0
A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13242 5.0
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13241 5.0
A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13240 5.0
A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13239 5.0
A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13235 4.3
A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13229 10.0
A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-11043 9.3
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.
05-12-2017 - 14:29 05-12-2017 - 14:29
CVE-2017-1000405 6.9
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario br
30-11-2017 - 17:29 30-11-2017 - 17:29
Back to Top Mark selected
Back to Top