National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.3.5
There are 1,217 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2017-9680

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message.

Published: August 18, 2017; 03:29:00 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2017-9679

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs.

Published: August 18, 2017; 03:29:00 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2017-9678

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy().

Published: August 18, 2017; 03:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-7364

In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition.

Published: August 18, 2017; 03:29:00 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-8272

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-8270

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.0 HIGH
    V2: 5.1 MEDIUM
CVE-2017-8268

In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8267

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-8266

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.0 HIGH
    V2: 5.1 MEDIUM
CVE-2017-8265

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.0 HIGH
    V2: 5.1 MEDIUM
CVE-2017-8263

In all Qualcomm products with Android releases from CAF using the Linux kernel, a kernel fault can occur when doing certain operations on a read-only virtual address in userspace.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8262

In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-8261

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a camera driver ioctl, a kernel overwrite can potentially occur.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-8260

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-8257

In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-8256

In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-8255

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8254

In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-8253

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-5872

In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.

Published: August 18, 2017; 02:29:03 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH