CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 1CVE-2017-0412 – Google Android - android.util.MemoryIntArray Ashmem Race Conditions
https://notcve.org/view.php?id=CVE-2017-0412
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33039926. • https://www.exploit-db.com/exploits/41355 http://www.securityfocus.com/bid/96056 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0428
https://notcve.org/view.php?id=CVE-2017-0428
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32401526. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://www.securityfocus.com/bid/96070 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-416: Use After Free •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0443
https://notcve.org/view.php?id=CVE-2017-0443
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32877494. • http://www.securityfocus.com/bid/96047 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html https://www.codeaurora.org/out-bounds-write-wlan-driver-function-wlanhddcfg80211setextroamparams-cve-2017-0443 •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8419
https://notcve.org/view.php?id=CVE-2016-8419
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32454494. • http://www.securityfocus.com/bid/96047 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2017-0415
https://notcve.org/view.php?id=CVE-2017-0415
An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32706020. • http://www.securityfocus.com/bid/96089 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html •