| Max CVSS | 5.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-5890 | 4.6 |
If the fdt_totalsize is reported as 0 for the current device tree, it bypasses an error check for a valid device tree in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2
|
03-10-2019 - 00:03 | 06-07-2018 - 17:29 | |
| CVE-2018-5897 | 5.0 |
While reading the data from buffer in dci_process_ctrl_status() there can be buffer over-read problem if the len is not checked correctly in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before se
|
03-10-2019 - 00:03 | 06-07-2018 - 17:29 | |
| CVE-2017-15824 | 2.1 |
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using
|
03-10-2019 - 00:03 | 06-07-2018 - 17:29 | |
| CVE-2018-5832 | 4.4 |
Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur.
|
04-09-2018 - 19:31 | 06-07-2018 - 17:29 | |
| CVE-2018-3597 | 4.6 |
In the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur.
|
28-08-2018 - 16:18 | 06-07-2018 - 17:29 | |
| CVE-2018-3577 | 5.0 |
While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security
|
28-08-2018 - 16:15 | 06-07-2018 - 17:29 | |
| CVE-2018-3564 | 4.6 |
In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.
|
28-08-2018 - 15:13 | 06-07-2018 - 17:29 | |
| CVE-2018-5898 | 4.6 |
Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before secu
|
27-08-2018 - 18:32 | 06-07-2018 - 17:29 | |
| CVE-2018-5899 | 4.6 |
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, whenever TDLS connection is setup, we are freeing the netbuf in ol_tx_completion_handler and after that, we
|
27-08-2018 - 18:32 | 06-07-2018 - 17:29 | |
| CVE-2018-5895 | 2.1 |
Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android
|
27-08-2018 - 18:14 | 06-07-2018 - 17:29 | |
| CVE-2018-5893 | 4.6 |
While processing a message from firmware in htt_t2h_msg_handler_fast() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer overwrite can occur.
|
27-08-2018 - 18:12 | 06-07-2018 - 17:29 | |
| CVE-2018-5888 | 4.6 |
While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
|
27-08-2018 - 18:10 | 06-07-2018 - 17:29 | |
| CVE-2018-5889 | 4.6 |
While processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
|
27-08-2018 - 18:10 | 06-07-2018 - 17:29 | |
| CVE-2018-5887 | 4.6 |
While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
|
27-08-2018 - 18:09 | 06-07-2018 - 17:29 | |
| CVE-2018-5836 | 2.1 |
In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated whic
|
27-08-2018 - 17:20 | 06-07-2018 - 17:29 | |
| CVE-2017-15856 | 4.4 |
Due to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2
|
27-08-2018 - 12:33 | 06-07-2018 - 17:29 | |
| CVE-2017-14893 | 2.1 |
While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (And
|
27-08-2018 - 12:30 | 06-07-2018 - 17:29 | |
| CVE-2017-14872 | 2.1 |
While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security
|
27-08-2018 - 12:27 | 06-07-2018 - 17:29 |