CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9706
https://notcve.org/view.php?id=CVE-2017-9706
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones de Android desde CAF usando el kernel de Linux, puede ocurrir un acceso fuera de límites a un array en un driver de pantalla. • http://www.securityfocus.com/bid/101160 https://source.android.com/security/bulletin/pixel/2017-10-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11054
https://notcve.org/view.php?id=CVE-2017-11054
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, mientras se procesa un comando de fabricante cfg80211 especialmente manipulado, puede ocurrir una sobrelectura de búfer. • http://www.securityfocus.com/bid/101160 https://source.android.com/security/bulletin/pixel/2017-10-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11067
https://notcve.org/view.php?id=CVE-2017-11067
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentially lead to the use of an out-of-range pointer offset. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, la entrada procfs de Athdiag no realiza una comprobación correcta del estado de la dirección, lo que puede derivar en el uso de un offset de puntero fuera de límites. • http://www.securityfocus.com/bid/101160 https://source.android.com/security/bulletin/pixel/2017-10-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9697
https://notcve.org/view.php?id=CVE-2017-9697
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones de Android desde CAF usando el kernel de Linux, una condición de carrera puede permitir el acceso a memoria ya liberada mientras lee entradas de la tabla de registro en diag_dbgfs_read_table. • http://www.securityfocus.com/bid/101160 https://source.android.com/security/bulletin/pixel/2017-10-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2017-0810
https://notcve.org/view.php?id=CVE-2017-0810
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (libmpeg2). • http://www.securityfocus.com/bid/101088 https://android.googlesource.com/platform/external/libmpeg2/+/7737780815fe523ad7b0e49456eb75d27a30818a https://source.android.com/security/bulletin/2017-10-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •