CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8280
https://notcve.org/view.php?id=CVE-2017-8280
21 Sep 2017 — In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch. En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, durante la operación de guardado y recuperación de datos de calibración wlan , existen algunas condiciones de carrera potenciales que podrían conducir a un... • http://www.securityfocus.com/bid/100658 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9724
https://notcve.org/view.php?id=CVE-2017-9724
21 Sep 2017 — In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, los permisos de nivel de usuario se pueden emplear para conseguir acceder a la memoria del kernel. Específicamente, el código de mantenimiento de la caché ION está escribiendo a una dir... • http://www.securityfocus.com/bid/100658 • CWE-269: Improper Privilege Management •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8278
https://notcve.org/view.php?id=CVE-2017-8278
21 Sep 2017 — In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, podría ocurrir un desbordamiento de búfer o de enteros al leer datos de audio desde un controlador sin especificar. • http://www.securityfocus.com/bid/100658 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11040
https://notcve.org/view.php?id=CVE-2017-11040
21 Sep 2017 — In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. En todos los productos Qualcomm con sistemas operativos Android distribuidos desde el CAF utilizando el kernel de Linux, cuando se lee desde los nodos sysfs, se podría acceder a más información de la que se debería. • http://www.securityfocus.com/bid/100658 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0800
https://notcve.org/view.php?id=CVE-2017-0800
08 Sep 2017 — A elevation of privilege vulnerability in the MediaTek teei. Product: Android. Versions: Android kernel. Android ID: A-37683975. References: M-ALPS03302988. • http://www.securityfocus.com/bid/100652 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0794 – Ubuntu Security Notice USN-3798-2
https://notcve.org/view.php?id=CVE-2017-0794
08 Sep 2017 — A elevation of privilege vulnerability in the Upstream kernel scsi driver. Product: Android. Versions: Android kernel. Android ID: A-35644812. Existe una vulnerabilidad de elevación de privilegios en el driver scsi del kernel Upstream. • http://www.securityfocus.com/bid/100667 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0795
https://notcve.org/view.php?id=CVE-2017-0795
08 Sep 2017 — A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36198473. References: M-ALPS03361480. • http://www.securityfocus.com/bid/100652 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0803
https://notcve.org/view.php?id=CVE-2017-0803
08 Sep 2017 — A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36136137. References: M-ALPS03361477. • http://www.securityfocus.com/bid/100652 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0801
https://notcve.org/view.php?id=CVE-2017-0801
08 Sep 2017 — A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Product: Android. Versions: Android kernel. Android ID: A-38447970. References: M-ALPS03337980. • http://www.securityfocus.com/bid/100652 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0804
https://notcve.org/view.php?id=CVE-2017-0804
08 Sep 2017 — A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487. • http://www.securityfocus.com/bid/100652 •