Vulnerabilites related to Google Inc. - Android
cve-2017-0700
Vulnerability from cvelistv5
Published
2017-07-06 20:00
Modified
2024-09-16 19:45
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/99472 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.1.1 Android-7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:04.438Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99472", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99472" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.1.1 Android-7.1.2" } ] } ], "datePublic": "2017-07-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99472", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99472" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-07-05T00:00:00", "ID": "CVE-2017-0700", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.1.1 Android-7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-07-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99472", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99472" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0700", "datePublished": "2017-07-06T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T19:45:49.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9490
Vulnerability from cvelistv5
Published
2018-10-02 19:00
Modified
2024-09-16 18:29
Severity ?
EPSS score ?
Summary
In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046
References
▼ | URL | Tags |
---|---|---|
https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382%2C | x_refsource_MISC | |
https://source.android.com/security/bulletin/2018-10-01%2C | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/105484 | vdb-entry, x_refsource_BID | |
https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:54.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382%2C" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-10-01%2C" }, { "name": "105484", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105484" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0" } ] } ], "datePublic": "2018-10-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-04T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382%2C" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-10-01%2C" }, { "name": "105484", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105484" }, { "tags": [ "x_refsource_MISC" ], "url": "https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-10-02T00:00:00", "ID": "CVE-2018-9490", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382,", "refsource": "MISC", "url": "https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382," }, { "name": "https://source.android.com/security/bulletin/2018-10-01,", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-10-01," }, { "name": "105484", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105484" }, { "name": "https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb", "refsource": "MISC", "url": "https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9490", "datePublished": "2018-10-02T19:00:00Z", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-09-16T18:29:26.810Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6702
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94160 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-4.4.4 Version: Android-5.0.2 Version: Android-5.1.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:36:29.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94160", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94160" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-4.4.4" }, { "status": "affected", "version": "Android-5.0.2" }, { "status": "affected", "version": "Android-5.1.1" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94160", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94160" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6702", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-4.4.4" }, { "version_value": "Android-5.0.2" }, { "version_value": "Android-5.1.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94160", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94160" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6702", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0462
Vulnerability from cvelistv5
Published
2017-04-07 22:00
Modified
2024-08-05 13:03
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33353601. References: QC-CR#1102288.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-04-01 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1038201 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:03:57.211Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038201" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-04-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33353601. References: QC-CR#1102288." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038201" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0462", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33353601. References: QC-CR#1102288." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "1038201", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038201" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0462", "datePublished": "2017-04-07T22:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:03:57.211Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0445
Vulnerability from cvelistv5
Published
2017-02-08 15:00
Modified
2024-08-05 13:03
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32769717.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96054 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1037798 | vdb-entry, x_refsource_SECTRACK | |
https://source.android.com/security/bulletin/2017-02-01.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:03:57.201Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96054", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96054" }, { "name": "1037798", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037798" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-02-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-02-06T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32769717." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-24T12:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "96054", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96054" }, { "name": "1037798", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037798" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-02-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0445", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32769717." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "96054", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96054" }, { "name": "1037798", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037798" }, { "name": "https://source.android.com/security/bulletin/2017-02-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-02-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0445", "datePublished": "2017-02-08T15:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:03:57.201Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0670
Vulnerability from cvelistv5
Published
2017-07-06 20:00
Modified
2024-09-17 03:12
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/99470 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.875Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99470", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99470" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-07-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" } ] } ], "datePublic": "2017-07-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "99470", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99470" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-07-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-07-05T00:00:00", "ID": "CVE-2017-0670", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "99470", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99470" }, { "name": "https://source.android.com/security/bulletin/2017-07-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-07-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0670", "datePublished": "2017-07-06T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T03:12:23.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0672
Vulnerability from cvelistv5
Published
2017-07-06 20:00
Modified
2024-09-16 18:03
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 Android-7.1.1 Android-7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.781Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-07-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0 Android-7.1.1 Android-7.1.2" } ] } ], "datePublic": "2017-07-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-06T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-07-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-07-05T00:00:00", "ID": "CVE-2017-0672", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-07-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-07-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0672", "datePublished": "2017-07-06T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T18:03:56.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-9010
Vulnerability from cvelistv5
Published
2018-04-04 18:00
Modified
2024-09-16 21:07
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-06-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98874 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038623 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:36:31.203Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98874", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98874" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038623" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-06-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-05T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98874", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98874" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038623" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-06-05T00:00:00", "ID": "CVE-2015-9010", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-06-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98874", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98874" }, { "name": "1038623", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038623" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2015-9010", "datePublished": "2018-04-04T18:00:00Z", "dateReserved": "2017-03-28T00:00:00", "dateUpdated": "2024-09-16T21:07:23.381Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13196
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 19:47
Severity ?
EPSS score ?
Summary
In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63522067.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-01-01 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1040106 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/102414 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 Version: 8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.538Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "1040106", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040106" }, { "name": "102414", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102414" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" }, { "status": "affected", "version": "8.1" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63522067." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "1040106", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040106" }, { "name": "102414", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102414" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13196", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" }, { "version_value": "8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63522067." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "1040106", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040106" }, { "name": "102414", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102414" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13196", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T19:47:27.315Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9357
Vulnerability from cvelistv5
Published
2018-11-06 17:00
Modified
2024-09-16 17:07
Severity ?
EPSS score ?
Summary
In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-06-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/104461 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:17:51.838Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-06-01" }, { "name": "104461", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104461" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1" } ] } ], "datePublic": "2018-10-31T00:00:00", "descriptions": [ { "lang": "en", "value": "In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-07T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-06-01" }, { "name": "104461", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104461" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-10-31T00:00:00", "ID": "CVE-2018-9357", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-06-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-06-01" }, { "name": "104461", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104461" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9357", "datePublished": "2018-11-06T17:00:00Z", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-09-16T17:07:46.072Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13207
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 17:38
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37564426.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-01-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/102526 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.618Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "102526", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102526" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37564426." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "102526", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102526" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13207", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37564426." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "102526", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102526" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13207", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T17:38:18.159Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9465
Vulnerability from cvelistv5
Published
2018-11-06 17:00
Modified
2024-09-16 23:41
Severity ?
EPSS score ?
Summary
In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-08-01 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1041432 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:55.275Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-08-01" }, { "name": "1041432", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041432" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2018-10-31T00:00:00", "descriptions": [ { "lang": "en", "value": "In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-07T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-08-01" }, { "name": "1041432", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041432" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-10-31T00:00:00", "ID": "CVE-2018-9465", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-08-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-08-01" }, { "name": "1041432", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041432" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9465", "datePublished": "2018-11-06T17:00:00Z", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-09-16T23:41:04.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0846
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 16:33
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-01-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.268Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-12T22:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-0846", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0846", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T16:33:50.625Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0734
Vulnerability from cvelistv5
Published
2017-08-09 21:00
Modified
2024-09-17 03:23
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38014992.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100204 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-08-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:05.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100204", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100204" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" } ] } ], "datePublic": "2017-08-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38014992." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100204", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100204" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-08-07T00:00:00", "ID": "CVE-2017-0734", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38014992." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "100204", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100204" }, { "name": "https://source.android.com/security/bulletin/2017-08-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-08-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0734", "datePublished": "2017-08-09T21:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T03:23:32.811Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-8471
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-06 02:20
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528890. References: MT-ALPS02961380.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95235 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: n/a |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:20:31.406Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95235", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95235" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528890. References: MT-ALPS02961380." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95235", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95235" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-8471", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528890. References: MT-ALPS02961380." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95235", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95235" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-8471", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-10-05T00:00:00", "dateUpdated": "2024-08-06T02:20:31.406Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0858
Vulnerability from cvelistv5
Published
2017-11-16 23:00
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64836894.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2017-11-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.316Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2017-11-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-11-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64836894." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-16T22:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2017-11-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-11-06T00:00:00", "ID": "CVE-2017-0858", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64836894." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Other" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2017-11-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2017-11-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0858", "datePublished": "2017-11-16T23:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T19:05:42.079Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0756
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-17 02:36
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100649 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 4.4.4 Version: 5.0.2 Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.254Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100649", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100649" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "4.4.4" }, { "status": "affected", "version": "5.0.2" }, { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100649", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100649" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0756", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "4.4.4" }, { "version_value": "5.0.2" }, { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "100649", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100649" }, { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0756", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T02:36:50.163Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0806
Vulnerability from cvelistv5
Published
2017-10-03 21:00
Modified
2024-09-16 21:57
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.
References
▼ | URL | Tags |
---|---|---|
https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/101086 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-10-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.327Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900" }, { "name": "101086", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/101086" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-10-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-10-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-04T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900" }, { "name": "101086", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/101086" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-10-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-10-02T00:00:00", "ID": "CVE-2017-0806", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900", "refsource": "CONFIRM", "url": "https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900" }, { "name": "101086", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101086" }, { "name": "https://source.android.com/security/bulletin/2017-10-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-10-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0806", "datePublished": "2017-10-03T21:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T21:57:19.412Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0617
Vulnerability from cvelistv5
Published
2017-05-12 15:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98190 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: n/a |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.795Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "98190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98190" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-05-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-15T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "98190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98190" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0617", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-05-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "98190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98190" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0617", "datePublished": "2017-05-12T15:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0790
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-16 17:15
Severity ?
EPSS score ?
Summary
A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/100655 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100655", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100655" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100655", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100655" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0790", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100655", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100655" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0790", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T17:15:10.594Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-8463
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-06 02:20
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95245 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:20:31.320Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95245", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95245" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95245", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95245" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-8463", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95245", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95245" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-8463", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-10-05T00:00:00", "dateUpdated": "2024-08-06T02:20:31.320Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0830
Vulnerability from cvelistv5
Published
2017-11-16 23:00
Modified
2024-09-17 00:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Android framework (device policy client). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62623498.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-11-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/101775 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.371Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-11-01" }, { "name": "101775", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/101775" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-11-06T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Android framework (device policy client). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62623498." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-17T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-11-01" }, { "name": "101775", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/101775" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-11-06T00:00:00", "ID": "CVE-2017-0830", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Android framework (device policy client). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62623498." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-11-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-11-01" }, { "name": "101775", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101775" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0830", "datePublished": "2017-11-16T23:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T00:11:54.075Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6701
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of the gallery process. Android ID: A-30190637.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/94162 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:36:29.575Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "94162", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94162" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of the gallery process. Android ID: A-30190637." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "94162", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94162" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6701", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of the gallery process. Android ID: A-30190637." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "94162", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94162" }, { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6701", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.575Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6791
Vulnerability from cvelistv5
Published
2017-01-12 15:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252384. References: QC-CR#1071809.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2016-12-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94681 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:37.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "94681", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94681" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2016-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252384. References: QC-CR#1071809." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "94681", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94681" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6791", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252384. References: QC-CR#1071809." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2016-12-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "94681", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94681" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6791", "datePublished": "2017-01-12T15:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:43:37.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0719
Vulnerability from cvelistv5
Published
2017-08-09 21:00
Modified
2024-09-16 16:12
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100204 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-08-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:05.472Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100204", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100204" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" } ] } ], "datePublic": "2017-08-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100204", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100204" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-08-07T00:00:00", "ID": "CVE-2017-0719", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "100204", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100204" }, { "name": "https://source.android.com/security/bulletin/2017-08-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-08-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0719", "datePublished": "2017-08-09T21:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T16:12:40.402Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0548
Vulnerability from cvelistv5
Published
2017-04-07 22:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33251605.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-04-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/97398 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038201 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 Version: Android-7.1.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.282Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97398", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97398" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038201" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0" }, { "status": "affected", "version": "Android-7.1.1" } ] } ], "datePublic": "2017-04-03T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33251605." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97398", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97398" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038201" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0548", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0" }, { "version_value": "Android-7.1.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33251605." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97398", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97398" }, { "name": "1038201", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038201" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0548", "datePublished": "2017-04-07T22:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.282Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0401
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-05 13:03
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588016.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95226 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-5.0.2 Version: Android-5.1.1 Version: Android-6.0 Version: Android-6.0.1 Version: Android-7.0 Version: Android-7.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:03:57.151Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe" }, { "name": "95226", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95226" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-5.0.2" }, { "status": "affected", "version": "Android-5.1.1" }, { "status": "affected", "version": "Android-6.0" }, { "status": "affected", "version": "Android-6.0.1" }, { "status": "affected", "version": "Android-7.0" }, { "status": "affected", "version": "Android-7.1" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588016." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe" }, { "name": "95226", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95226" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0401", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-5.0.2" }, { "version_value": "Android-5.1.1" }, { "version_value": "Android-6.0" }, { "version_value": "Android-6.0.1" }, { "version_value": "Android-7.0" }, { "version_value": "Android-7.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588016." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe", "refsource": "CONFIRM", "url": "https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe" }, { "name": "95226", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95226" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0401", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:03:57.151Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13295
Vulnerability from cvelistv5
Published
2018-04-04 16:00
Modified
2024-09-17 01:36
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Android framework (package installer). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62537081.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-04-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 Version: 8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:05:19.033Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-04-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" }, { "status": "affected", "version": "8.1" } ] } ], "datePublic": "2018-04-02T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Android framework (package installer). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62537081." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-04T15:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-04-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-04-02T00:00:00", "ID": "CVE-2017-13295", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" }, { "version_value": "8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Android framework (package installer). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62537081." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-04-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13295", "datePublished": "2018-04-04T16:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-17T01:36:09.072Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6777
Vulnerability from cvelistv5
Published
2017-01-12 15:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/94674 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2016-12-01.html | x_refsource_CONFIRM | |
http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:37.764Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "94674", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94674" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" } ] } ], "datePublic": "2016-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-18T17:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "94674", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94674" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6777", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "94674", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94674" }, { "name": "https://source.android.com/security/bulletin/2016-12-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6777", "datePublished": "2017-01-12T15:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:43:37.764Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6748
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30076504. References: Qualcomm QC-CR#987018.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94139 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:36:29.675Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94139", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94139" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30076504. References: Qualcomm QC-CR#987018." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94139", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94139" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6748", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30076504. References: Qualcomm QC-CR#987018." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94139", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94139" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6748", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.675Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0804
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-16 20:06
Severity ?
EPSS score ?
Summary
A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100652 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.364Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100652", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100652" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100652", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100652" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0804", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "100652", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100652" }, { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0804", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T20:06:49.556Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-10286
Vulnerability from cvelistv5
Published
2017-05-12 15:00
Modified
2024-08-06 03:14
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400904. References: QC-CR#1090237.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/98165 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:14:42.964Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "98165", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98165" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-05-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-05-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400904. References: QC-CR#1090237." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-15T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "98165", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98165" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-05-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-10286", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400904. References: QC-CR#1090237." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "98165", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98165" }, { "name": "https://source.android.com/security/bulletin/2017-05-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-05-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-10286", "datePublished": "2017-05-12T15:00:00", "dateReserved": "2017-03-28T00:00:00", "dateUpdated": "2024-08-06T03:14:42.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0761
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-16 22:46
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100649 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.302Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100649", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100649" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100649", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100649" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0761", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "100649", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100649" }, { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0761", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T22:46:49.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0808
Vulnerability from cvelistv5
Published
2017-10-03 21:00
Modified
2024-09-16 22:56
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183.
References
▼ | URL | Tags |
---|---|---|
https://android.googlesource.com/platform/libcore/+/809681f310663288e83587089abb7715c68f6924 | x_refsource_CONFIRM | |
https://source.android.com/security/bulletin/pixel/2017-10-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/101190 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.222Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://android.googlesource.com/platform/libcore/+/809681f310663288e83587089abb7715c68f6924" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2017-10-01" }, { "name": "101190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/101190" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-10-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-07T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://android.googlesource.com/platform/libcore/+/809681f310663288e83587089abb7715c68f6924" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2017-10-01" }, { "name": "101190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/101190" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-10-02T00:00:00", "ID": "CVE-2017-0808", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://android.googlesource.com/platform/libcore/+/809681f310663288e83587089abb7715c68f6924", "refsource": "CONFIRM", "url": "https://android.googlesource.com/platform/libcore/+/809681f310663288e83587089abb7715c68f6924" }, { "name": "https://source.android.com/security/bulletin/pixel/2017-10-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2017-10-01" }, { "name": "101190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101190" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0808", "datePublished": "2017-10-03T21:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T22:56:08.855Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0623
Vulnerability from cvelistv5
Published
2017-05-12 15:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32512358.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98199 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "98199", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98199" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-05-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32512358." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-15T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "98199", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98199" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0623", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32512358." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-05-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "name": "98199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98199" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0623", "datePublished": "2017-05-12T15:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0753
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-17 02:56
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/100650 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100650", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100650" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100650", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100650" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0753", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100650", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100650" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0753", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T02:56:36.912Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9453
Vulnerability from cvelistv5
Published
2018-11-06 17:00
Modified
2024-09-16 20:22
Severity ?
EPSS score ?
Summary
In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78288378.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-08-01 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1041432 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:54.918Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-08-01" }, { "name": "1041432", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041432" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1" } ] } ], "datePublic": "2018-10-31T00:00:00", "descriptions": [ { "lang": "en", "value": "In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78288378." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-07T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-08-01" }, { "name": "1041432", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041432" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-10-31T00:00:00", "ID": "CVE-2018-9453", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78288378." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-08-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-08-01" }, { "name": "1041432", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041432" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9453", "datePublished": "2018-11-06T17:00:00Z", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-09-16T20:22:01.222Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-8447
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-06 02:20
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31749463. References: MT-ALPS02968886.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95229 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: n/a |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:20:31.364Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95229", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95229" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31749463. References: MT-ALPS02968886." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95229", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95229" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-8447", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31749463. References: MT-ALPS02968886." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95229", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95229" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-8447", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-10-05T00:00:00", "dateUpdated": "2024-08-06T02:20:31.364Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0402
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-05 13:03
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32436341.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac | x_refsource_CONFIRM | |
https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95226 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-4.4.4 Version: Android-5.0.2 Version: Android-5.1.1 Version: Android-6.0 Version: Android-6.0.1 Version: Android-7.0 Version: Android-7.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:03:57.110Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57" }, { "name": "95226", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95226" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-4.4.4" }, { "status": "affected", "version": "Android-5.0.2" }, { "status": "affected", "version": "Android-5.1.1" }, { "status": "affected", "version": "Android-6.0" }, { "status": "affected", "version": "Android-6.0.1" }, { "status": "affected", "version": "Android-7.0" }, { "status": "affected", "version": "Android-7.1" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32436341." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57" }, { "name": "95226", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95226" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0402", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-4.4.4" }, { "version_value": "Android-5.0.2" }, { "version_value": "Android-5.1.1" }, { "version_value": "Android-6.0" }, { "version_value": "Android-6.0.1" }, { "version_value": "Android-7.0" }, { "version_value": "Android-7.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32436341." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac", "refsource": "CONFIRM", "url": "https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac" }, { "name": "https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57", "refsource": "CONFIRM", "url": "https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57" }, { "name": "95226", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95226" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0402", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:03:57.110Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0849
Vulnerability from cvelistv5
Published
2017-11-16 23:00
Modified
2024-09-16 18:23
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62688399.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2017-11-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.195Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2017-11-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-11-06T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62688399." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-16T22:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2017-11-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-11-06T00:00:00", "ID": "CVE-2017-0849", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62688399." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2017-11-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2017-11-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0849", "datePublished": "2017-11-16T23:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T18:23:20.640Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-8458
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-06 02:20
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31968442.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95279 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:20:31.336Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95279", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95279" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31968442." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95279", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95279" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-8458", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31968442." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95279", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95279" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-8458", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-10-05T00:00:00", "dateUpdated": "2024-08-06T02:20:31.336Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9533
Vulnerability from cvelistv5
Published
2018-11-14 18:00
Modified
2024-08-05 07:24
Severity ?
EPSS score ?
Summary
In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112766520
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-11-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-9 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:55.893Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-11-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-9" } ] } ], "datePublic": "2018-11-14T00:00:00", "descriptions": [ { "lang": "en", "value": "In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112766520" } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-14T17:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-11-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2018-9533", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-9" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112766520" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-11-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-11-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9533", "datePublished": "2018-11-14T18:00:00", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-08-05T07:24:55.893Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0431
Vulnerability from cvelistv5
Published
2018-04-05 18:00
Modified
2024-09-16 22:24
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/96068 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-02-01 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1037798 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:03:57.172Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "96068", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96068" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-02-01" }, { "name": "1037798", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037798" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-02-06T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-06T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "96068", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96068" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-02-01" }, { "name": "1037798", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037798" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-02-06T00:00:00", "ID": "CVE-2017-0431", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "96068", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96068" }, { "name": "https://source.android.com/security/bulletin/2017-02-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-02-01" }, { "name": "1037798", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037798" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0431", "datePublished": "2018-04-05T18:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T22:24:41.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0646
Vulnerability from cvelistv5
Published
2017-06-14 13:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-06-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98871 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038623 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.939Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98871", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98871" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038623" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" } ] } ], "datePublic": "2017-06-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-07T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98871", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98871" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038623" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0646", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-4.4.4 Android-5.0.2 Android-5.1.1 Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-06-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98871" }, { "name": "1038623", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038623" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0646", "datePublished": "2017-06-14T13:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.939Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0735
Vulnerability from cvelistv5
Published
2017-08-09 21:00
Modified
2024-09-16 19:01
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100204 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-08-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.202Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100204", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100204" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" } ] } ], "datePublic": "2017-08-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100204", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100204" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-08-07T00:00:00", "ID": "CVE-2017-0735", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "100204", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100204" }, { "name": "https://source.android.com/security/bulletin/2017-08-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-08-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0735", "datePublished": "2017-08-09T21:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T19:01:11.931Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9511
Vulnerability from cvelistv5
Published
2018-10-02 19:00
Modified
2024-09-16 16:58
Severity ?
EPSS score ?
Summary
In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-111650288
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/105482 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2018-10-01%2C | x_refsource_CONFIRM | |
https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-9.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:56.143Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105482", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105482" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-10-01%2C" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-9.0" } ] } ], "datePublic": "2018-10-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-111650288" } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-04T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "105482", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105482" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-10-01%2C" }, { "tags": [ "x_refsource_MISC" ], "url": "https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-10-02T00:00:00", "ID": "CVE-2018-9511", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-9.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-111650288" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "105482", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105482" }, { "name": "https://source.android.com/security/bulletin/2018-10-01,", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-10-01," }, { "name": "https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe", "refsource": "MISC", "url": "https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9511", "datePublished": "2018-10-02T19:00:00Z", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-09-16T16:58:51.731Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0798
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-16 19:46
Severity ?
EPSS score ?
Summary
A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36100671. References: M-ALPS03365532.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100652 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.278Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100652", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100652" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36100671. References: M-ALPS03365532." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100652", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100652" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0798", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36100671. References: M-ALPS03365532." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "100652", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100652" }, { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0798", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T19:46:52.774Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13202
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-17 00:55
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67647856.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-01-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/102521 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 Version: 8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.526Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "102521", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102521" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" }, { "status": "affected", "version": "8.1" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67647856." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "102521", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102521" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13202", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" }, { "version_value": "8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67647856." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "102521", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102521" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13202", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-17T00:55:32.044Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13208
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 17:19
Severity ?
EPSS score ?
Summary
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-01-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/102415 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1040106 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 Version: 8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.703Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "102415", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102415" }, { "name": "1040106", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040106" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" }, { "status": "affected", "version": "8.1" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "102415", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102415" }, { "name": "1040106", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040106" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13208", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" }, { "version_value": "8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "102415", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102415" }, { "name": "1040106", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040106" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13208", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T17:19:18.730Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0528
Vulnerability from cvelistv5
Published
2017-03-08 01:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-03-01 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1037968 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/96807 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.314Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-03-01" }, { "name": "1037968", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037968" }, { "name": "96807", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96807" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-14T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-03-01" }, { "name": "1037968", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037968" }, { "name": "96807", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96807" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0528", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-03-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-03-01" }, { "name": "1037968", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037968" }, { "name": "96807", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96807" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0528", "datePublished": "2017-03-08T01:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0782
Vulnerability from cvelistv5
Published
2017-09-14 19:00
Modified
2024-09-17 03:17
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.
References
▼ | URL | Tags |
---|---|---|
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | x_refsource_CONFIRM | |
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/100822 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 4.4.4 Version: 5.0.2 Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.349Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100822", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100822" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "4.4.4" }, { "status": "affected", "version": "5.0.2" }, { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-09-12T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-18T01:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100822", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100822" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-12T00:00:00", "ID": "CVE-2017-0782", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "4.4.4" }, { "version_value": "5.0.2" }, { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" }, { "name": "100822", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100822" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0782", "datePublished": "2017-09-14T19:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T03:17:52.858Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9505
Vulnerability from cvelistv5
Published
2018-10-02 19:00
Modified
2024-09-16 19:10
Severity ?
EPSS score ?
Summary
In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110791536
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/105482 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2018-10-01%2C | x_refsource_CONFIRM | |
https://android.googlesource.com/platform/system/bt/+/5216e6120160b28d76e9ee4dff9995e772647511 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:56.022Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105482", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105482" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-10-01%2C" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://android.googlesource.com/platform/system/bt/+/5216e6120160b28d76e9ee4dff9995e772647511" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0" } ] } ], "datePublic": "2018-10-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110791536" } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-04T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "105482", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105482" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-10-01%2C" }, { "tags": [ "x_refsource_MISC" ], "url": "https://android.googlesource.com/platform/system/bt/+/5216e6120160b28d76e9ee4dff9995e772647511" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-10-02T00:00:00", "ID": "CVE-2018-9505", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110791536" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "105482", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105482" }, { "name": "https://source.android.com/security/bulletin/2018-10-01,", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-10-01," }, { "name": "https://android.googlesource.com/platform/system/bt/+/5216e6120160b28d76e9ee4dff9995e772647511", "refsource": "MISC", "url": "https://android.googlesource.com/platform/system/bt/+/5216e6120160b28d76e9ee4dff9995e772647511" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9505", "datePublished": "2018-10-02T19:00:00Z", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-09-16T19:10:01.885Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6715
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local malicious application to record audio without the user's permission. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-29833954.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/94173 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-4.4.4 Version: Android-5.0.2 Version: Android-5.1.1 Version: Android-6.0 Version: Android-6.0.1 Version: Android-7.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:36:29.569Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "94173", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94173" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-4.4.4" }, { "status": "affected", "version": "Android-5.0.2" }, { "status": "affected", "version": "Android-5.1.1" }, { "status": "affected", "version": "Android-6.0" }, { "status": "affected", "version": "Android-6.0.1" }, { "status": "affected", "version": "Android-7.0" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local malicious application to record audio without the user\u0027s permission. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-29833954." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "94173", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94173" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6715", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-4.4.4" }, { "version_value": "Android-5.0.2" }, { "version_value": "Android-5.1.1" }, { "version_value": "Android-6.0" }, { "version_value": "Android-6.0.1" }, { "version_value": "Android-7.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local malicious application to record audio without the user\u0027s permission. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-29833954." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "94173", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94173" }, { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6715", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.569Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6773
Vulnerability from cvelistv5
Published
2017-01-12 15:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-30481714.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2016-12-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94707 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-6.0 Version: Android-6.0.1 Version: Android-7.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:37.977Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "94707", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94707" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-6.0" }, { "status": "affected", "version": "Android-6.0.1" }, { "status": "affected", "version": "Android-7.0" } ] } ], "datePublic": "2016-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-30481714." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "94707", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94707" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6773", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-6.0" }, { "version_value": "Android-6.0.1" }, { "version_value": "Android-7.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-30481714." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2016-12-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-12-01.html" }, { "name": "94707", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94707" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6773", "datePublished": "2017-01-12T15:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:43:37.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9548
Vulnerability from cvelistv5
Published
2018-12-06 14:00
Modified
2024-08-05 07:24
Severity ?
EPSS score ?
Summary
In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-112555574.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106067 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2018-12-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:56.138Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106067", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106067" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-12-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" } ] } ], "datePublic": "2018-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-112555574." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-12-07T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "106067", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106067" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-12-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2018-9548", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-112555574." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "106067", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106067" }, { "name": "https://source.android.com/security/bulletin/2018-12-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-12-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9548", "datePublished": "2018-12-06T14:00:00", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-08-05T07:24:56.138Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0741
Vulnerability from cvelistv5
Published
2017-08-09 21:00
Modified
2024-09-17 01:26
Severity ?
EPSS score ?
Summary
A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100209 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-08-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:06.211Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100209", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100209" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-08-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100209", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100209" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-08-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-08-07T00:00:00", "ID": "CVE-2017-0741", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "100209", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100209" }, { "name": "https://source.android.com/security/bulletin/2017-08-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-08-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0741", "datePublished": "2017-08-09T21:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T01:26:18.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6721
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Android ID: A-30875060.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/94143 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-6.0 Version: Android-6.0.1 Version: Android-7.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:36:29.566Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "94143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94143" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-6.0" }, { "status": "affected", "version": "Android-6.0.1" }, { "status": "affected", "version": "Android-7.0" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Android ID: A-30875060." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "94143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94143" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6721", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-6.0" }, { "version_value": "Android-6.0.1" }, { "version_value": "Android-7.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Android ID: A-30875060." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "94143", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94143" }, { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6721", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.566Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13188
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 16:24
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-01-01 | x_refsource_CONFIRM | |
https://android.googlesource.com/platform/external/aac/+/8e3be529372892e20ccf196809bc73276c822189 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 Version: 8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.730Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://android.googlesource.com/platform/external/aac/+/8e3be529372892e20ccf196809bc73276c822189" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" }, { "status": "affected", "version": "8.1" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-12T22:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://android.googlesource.com/platform/external/aac/+/8e3be529372892e20ccf196809bc73276c822189" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13188", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" }, { "version_value": "8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" }, { "name": "https://android.googlesource.com/platform/external/aac/+/8e3be529372892e20ccf196809bc73276c822189", "refsource": "CONFIRM", "url": "https://android.googlesource.com/platform/external/aac/+/8e3be529372892e20ccf196809bc73276c822189" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13188", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T16:24:19.798Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-8457
Vulnerability from cvelistv5
Published
2017-01-12 20:00
Modified
2024-08-06 02:20
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. References: B-RB#106116.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-01-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/95240 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T02:20:31.342Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95240", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95240" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. References: B-RB#106116." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95240", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95240" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-8457", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. References: B-RB#106116." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html" }, { "name": "95240", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95240" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-8457", "datePublished": "2017-01-12T20:00:00", "dateReserved": "2016-10-05T00:00:00", "dateUpdated": "2024-08-06T02:20:31.342Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13243
Vulnerability from cvelistv5
Published
2018-02-12 19:00
Modified
2024-09-16 23:11
Severity ?
EPSS score ?
Summary
A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-02-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/103013 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:05:18.915Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-02-01" }, { "name": "103013", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103013" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2018-02-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-02-15T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-02-01" }, { "name": "103013", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103013" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-02-05T00:00:00", "ID": "CVE-2017-13243", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-02-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-02-01" }, { "name": "103013", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103013" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13243", "datePublished": "2018-02-12T19:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T23:11:45.011Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0649
Vulnerability from cvelistv5
Published
2017-06-14 13:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: N/A. Android ID: A-34468195. References: M-ALPS03162283.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-06-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98866 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038623 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-N/A |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98866", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98866" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038623" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-N/A" } ] } ], "datePublic": "2017-06-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: N/A. Android ID: A-34468195. References: M-ALPS03162283." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-07T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98866", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98866" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038623" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0649", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-N/A" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: N/A. Android ID: A-34468195. References: M-ALPS03162283." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-06-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98866" }, { "name": "1038623", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038623" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0649", "datePublished": "2017-06-14T13:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.946Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0412
Vulnerability from cvelistv5
Published
2017-02-08 15:00
Modified
2024-08-05 13:03
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33039926.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/41355/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securitytracker.com/id/1037798 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/96056 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-02-01.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-7.0 Version: Android-7.1.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:03:57.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "41355", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/41355/" }, { "name": "1037798", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037798" }, { "name": "96056", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96056" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-02-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-7.0" }, { "status": "affected", "version": "Android-7.1.1" } ] } ], "datePublic": "2017-02-06T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33039926." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-31T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "41355", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/41355/" }, { "name": "1037798", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037798" }, { "name": "96056", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96056" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-02-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0412", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-7.0" }, { "version_value": "Android-7.1.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33039926." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "41355", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41355/" }, { "name": "1037798", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037798" }, { "name": "96056", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96056" }, { "name": "https://source.android.com/security/bulletin/2017-02-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-02-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0412", "datePublished": "2017-02-08T15:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:03:57.057Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6753
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30149174.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94147 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:43:37.658Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94147", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94147" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30149174." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94147", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94147" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6753", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30149174." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "94147", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94147" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6753", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:43:37.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-6709
Vulnerability from cvelistv5
Published
2016-11-25 16:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High because it could be used to access data without permission. Android ID: A-31081987.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/94169 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2016-11-01.html | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-6.0 Version: Android-6.0.1 Version: Android-7.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T01:36:29.567Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "94169", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/94169" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-6.0" }, { "status": "affected", "version": "Android-6.0.1" }, { "status": "affected", "version": "Android-7.0" } ] } ], "datePublic": "2016-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High because it could be used to access data without permission. Android ID: A-31081987." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "94169", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/94169" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2016-6709", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-6.0" }, { "version_value": "Android-6.0.1" }, { "version_value": "Android-7.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High because it could be used to access data without permission. Android ID: A-31081987." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "94169", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94169" }, { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6709", "datePublished": "2016-11-25T16:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13217
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 19:09
Severity ?
EPSS score ?
Summary
In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it's null-terminated. This could lead to a secure boot bypass and a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-68269077.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-01-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/102423 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1040106 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.704Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "102423", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102423" }, { "name": "1040106", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040106" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it\u0027s null-terminated. This could lead to a secure boot bypass and a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-68269077." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-13T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "102423", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102423" }, { "name": "1040106", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040106" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13217", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it\u0027s null-terminated. This could lead to a secure boot bypass and a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-68269077." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-01-01" }, { "name": "102423", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102423" }, { "name": "1040106", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040106" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13217", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T19:09:18.479Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-9545
Vulnerability from cvelistv5
Published
2018-11-14 18:00
Modified
2024-08-05 07:24
Severity ?
EPSS score ?
Summary
In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113111784
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/105849 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2018-11-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-9 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:24:56.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105849", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105849" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-11-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-9" } ] } ], "datePublic": "2018-11-14T00:00:00", "descriptions": [ { "lang": "en", "value": "In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113111784" } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-15T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "105849", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105849" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-11-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2018-9545", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-9" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113111784" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "105849", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105849" }, { "name": "https://source.android.com/security/bulletin/2018-11-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-11-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2018-9545", "datePublished": "2018-11-14T18:00:00", "dateReserved": "2018-04-05T00:00:00", "dateUpdated": "2024-08-05T07:24:56.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13212
Vulnerability from cvelistv5
Published
2018-01-12 23:00
Modified
2024-09-16 22:03
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Android system (systemui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187985.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/pixel/2018-01-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 5.1.1 Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.620Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "5.1.1" }, { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2018-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Android system (systemui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187985." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-12T22:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-01-02T00:00:00", "ID": "CVE-2017-13212", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "5.1.1" }, { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Android system (systemui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187985." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/pixel/2018-01-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13212", "datePublished": "2018-01-12T23:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-16T22:03:03.815Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13148
Vulnerability from cvelistv5
Published
2017-12-06 14:00
Modified
2024-09-17 02:11
Severity ?
EPSS score ?
Summary
A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-12-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/102126 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:58:12.358Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-12-01" }, { "name": "102126", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102126" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" } ] } ], "datePublic": "2017-12-04T00:00:00", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-12T10:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-12-01" }, { "name": "102126", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102126" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-12-04T00:00:00", "ID": "CVE-2017-13148", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-12-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-12-01" }, { "name": "102126", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102126" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13148", "datePublished": "2017-12-06T14:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-17T02:11:45.427Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0583
Vulnerability from cvelistv5
Published
2017-04-07 22:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32068683. References: QC-CR#1103788.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-04-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/97368 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038201 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.574Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97368", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97368" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038201" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-04-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32068683. References: QC-CR#1103788." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97368", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97368" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038201" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0583", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in the Qualcomm CP access driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32068683. References: QC-CR#1103788." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97368", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97368" }, { "name": "1038201", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038201" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0583", "datePublished": "2017-04-07T22:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.574Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0699
Vulnerability from cvelistv5
Published
2017-07-06 20:00
Modified
2024-09-17 00:37
Severity ?
EPSS score ?
Summary
A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/99478 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:04.900Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99478", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99478" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" } ] } ], "datePublic": "2017-07-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99478", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99478" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-07-05T00:00:00", "ID": "CVE-2017-0699", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-07-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99478", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99478" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0699", "datePublished": "2017-07-06T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-17T00:37:04.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0585
Vulnerability from cvelistv5
Published
2017-04-07 22:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32475556. References: B-RB#112953.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-04-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/97366 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038201 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.496Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97366", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97366" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038201" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] } ], "datePublic": "2017-04-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32475556. References: B-RB#112953." } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97366", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97366" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038201" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2017-0585", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Kernel-3.10" }, { "version_value": "Kernel-3.18" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32475556. References: B-RB#112953." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97366", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97366" }, { "name": "1038201", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038201" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0585", "datePublished": "2017-04-07T22:00:00", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-08-05T13:11:06.496Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0757
Vulnerability from cvelistv5
Published
2017-09-08 20:00
Modified
2024-09-16 17:49
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/100649 | vdb-entry, x_refsource_BID | |
https://source.android.com/security/bulletin/2017-09-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 6.0 Version: 6.0.1 Version: 7.0 Version: 7.1.1 Version: 7.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:05.716Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "100649", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100649" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "6.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" } ] } ], "datePublic": "2017-09-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "name": "100649", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100649" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-09-05T00:00:00", "ID": "CVE-2017-0757", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "6.0" }, { "version_value": "6.0.1" }, { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "100649", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100649" }, { "name": "https://source.android.com/security/bulletin/2017-09-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-09-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0757", "datePublished": "2017-09-08T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T17:49:28.345Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-13282
Vulnerability from cvelistv5
Published
2018-04-04 16:00
Modified
2024-09-17 03:34
Severity ?
EPSS score ?
Summary
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71603315.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2018-04-01 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: 7.0 Version: 7.1.1 Version: 7.1.2 Version: 8.0 Version: 8.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:05:19.104Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2018-04-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "7.0" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "8.0" }, { "status": "affected", "version": "8.1" } ] } ], "datePublic": "2018-04-02T00:00:00", "descriptions": [ { "lang": "en", "value": "In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71603315." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-04T15:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2018-04-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2018-04-02T00:00:00", "ID": "CVE-2017-13282", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "7.0" }, { "version_value": "7.1.1" }, { "version_value": "7.1.2" }, { "version_value": "8.0" }, { "version_value": "8.1" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71603315." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote code execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2018-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2018-04-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-13282", "datePublished": "2018-04-04T16:00:00Z", "dateReserved": "2017-08-23T00:00:00", "dateUpdated": "2024-09-17T03:34:19.991Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-9953
Vulnerability from cvelistv5
Published
2018-04-04 18:00
Modified
2024-09-16 23:26
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-06-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/98874 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038623 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T14:02:37.223Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98874", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98874" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038623" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-06-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-05T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98874", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98874" }, { "name": "1038623", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038623" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-06-05T00:00:00", "ID": "CVE-2014-9953", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-06-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "name": "98874", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98874" }, { "name": "1038623", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038623" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2014-9953", "datePublished": "2018-04-04T18:00:00Z", "dateReserved": "2017-03-28T00:00:00", "dateUpdated": "2024-09-16T23:26:21.146Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0711
Vulnerability from cvelistv5
Published
2017-07-06 20:00
Modified
2024-09-16 23:11
Severity ?
EPSS score ?
Summary
A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-07-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/99466 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Android kernel |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:18:05.412Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99466", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99466" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "datePublic": "2017-07-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-07T09:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99466", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99466" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "DATE_PUBLIC": "2017-07-05T00:00:00", "ID": "CVE-2017-0711", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "Google Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2017-07-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-07-01" }, { "name": "99466", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99466" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2017-0711", "datePublished": "2017-07-06T20:00:00Z", "dateReserved": "2016-11-29T00:00:00", "dateUpdated": "2024-09-16T23:11:06.143Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-0567
Vulnerability from cvelistv5
Published
2017-04-07 22:00
Modified
2024-08-05 13:11
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32125310. References: B-RB#112575.
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2017-04-01 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/97331 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038201 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Google Inc. | Android |
Version: Kernel-3.10 Version: Kernel-3.18 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:11:06.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97331", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97331" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038201" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "Google Inc.", "versions": [ { "status": "affected", "version": "Kernel-3.10" }, { "status": "affected", "version": "Kernel-3.18" } ] }