Summary |
Description |
CVE |
Remote Code Execution Vulnerabilities in Mediaserver |
Remote code execution vulnerabilities in mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. |
CVE-2017-0407 |
Remote Code Execution Vulnerability in libstagefright |
A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. |
CVE-2017-0409 |
Elevation of Privilege Vulnerability in Framework APIs |
An elevation of privilege vulnerability in the framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2017-0410 |
Elevation of Privilege Vulnerability in Mediaserver |
An elevation of privilege vulnerability in mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2017-0415 |
Elevation of Privilege Vulnerabilities in Audioserver |
Elevation of privilege vulnerabilities in audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2017-0416
CVE-2017-0417
CVE-2017-0418
CVE-2017-0419 |
Information Disclosure Vulnerabilities in AOSP Messaging |
Information disclosure vulnerabilities in AOSP messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. |
CVE-2017-0413
CVE-2017-0414 |
Information Disclosure Vulnerability in Framework APIs |
An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. |
CVE-2017-0421 |
Denial of Service Vulnerability in Bionic DNS |
A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. |
CVE-2017-0422 |
Elevation of Privilege Vulnerability in Bluetooth |
An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. |
CVE-2017-0423 |
Information Disclosure Vulnerability in AOSP Messaging |
An information disclosure vulnerability in AOSP messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. |
CVE-2017-0424 |
Information Disclosure Vulnerability in Audioserver |
An information disclosure vulnerability in audioserver could enable a local malicious application to access data outside of its permission levels. |
CVE-2017-0425 |
Remote Code Execution Vulnerability in Qualcomm Crypto Driver |
A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. |
CVE-2016-8418 |
Elevation of Privilege Vulnerability in Kernel File System |
An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2017-0427 |
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver |
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2017-0430 |
Vulnerability in Qualcomm Components |
A denial of service vulnerability caused by improper data validation on DES3 object and DsaSignDigest in GP library operations. |
CVE-2017-0431 |
Elevation of Privilege Vulnerability in Qualcomm Secure Execution Environment Communicator Driver |
An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-8480 |
Elevation of Privilege Vulnerabilities in Qualcomm Sound Driver |
Elevation of privilege vulnerabilities in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-8481
CVE-2017-0435
CVE-2017-0436 |
Elevation of Privilege Vulnerabilities in Qualcomm Wi-Fi Driver |
Elevation of privilege vulnerabilities in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2017-0437
CVE-2017-0438
CVE-2017-0439
CVE-2016-8419
CVE-2016-8420
CVE-2016-8421
CVE-2017-0440
CVE-2017-0441
CVE-2017-0442
CVE-2017-0443
CVE-2016-8476 |
Elevation of Privilege Vulnerability in Broadcom Wi-Fi Driver |
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2017-0449 |
Elevation of Privilege Vulnerability in Kernel File System |
An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to bypass protections that prevent an escalation of privileges. |
CVE-2016-10044 |
Information Disclosure Vulnerability in Qualcomm Secure Execution Environment Communicator |
An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. |
CVE-2016-8414 |
Information Disclosure Vulnerability in Qualcomm Sound Driver |
An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. |
CVE-2017-0451 |