Page 31 of 757 results (0.021 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not removed from list. Use-after-free would occur when traversing the list next time. En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, si el registro de clientes fracasa en la función msm_dba_register_client, se liberaría. Sin embargo, el cliente no fue eliminado de la lista. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write. En todos los productos Qualcomm con sistemas operativos Android distribuidos desde el CAF utilizando el kernel de Linux, en una función del driver del kernel de ISP Camera, una comprobación en los límites incorrectos podría provocar una escritura fuera de límites. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. Una condición de carrera puede permitir el acceso a la memoria ya liberada al consultar el estado de un evento mediante DCI en todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux podría desembocar en una condición use-after-free. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

A elevation of privilege vulnerability in the MediaTek auxadc driver. Product: Android. Versions: Android kernel. Android ID: A-62458865. References: M-ALPS03353884, M-ALPS03353886, M-ALPS03353887. • http://www.securityfocus.com/bid/100652 https://source.android.com/security/bulletin/2017-09-01 •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Product: Android. Versions: Android kernel. Android ID: A-38447970. References: M-ALPS03337980. • http://www.securityfocus.com/bid/100652 https://source.android.com/security/bulletin/2017-09-01 •