Max CVSS 10.0 Min CVSS 4.3 Total Count29
IDCVSSSummaryLast (major) updatePublished
CVE-2017-9723 None
The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-17771 None
In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-17769 None
Information leakage in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the audio driver.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-17766 None
In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allo
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15859 None
While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15852 None
Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15846 None
In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15826 None
Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-15823 None
In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14892 None
In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14891 None
In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14883 None
In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then th
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14881 None
While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14877 None
While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cmd IPA_IOC_QUERY_RT_TBL_INDEX while another sends an
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14876 None
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds w
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-14875 None
In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-11087 None
libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2017-13246 5.0
A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13245 4.6
A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versions: Android kernel. ID: A-64315347.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13244 4.6
A elevation of privilege vulnerability in the Upstream kernel easel. Product: Android. Versions: Android kernel. ID: A-62678986.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13243 5.0
A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13242 5.0
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13241 5.0
A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13240 5.0
A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13239 5.0
A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13235 4.3
A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13229 10.0
A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703.
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-11043 9.3
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.
05-12-2017 - 14:29 05-12-2017 - 14:29
CVE-2017-1000405 6.9
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario br
30-11-2017 - 17:29 30-11-2017 - 17:29
Back to Top Mark selected
Back to Top