CVE-2017-11000
https://notcve.org/view.php?id=CVE-2017-11000
In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write. En todos los productos Qualcomm con sistemas operativos Android distribuidos desde el CAF utilizando el kernel de Linux, en una función del driver del kernel de ISP Camera, una comprobación en los límites incorrectos podría provocar una escritura fuera de límites. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-8281
https://notcve.org/view.php?id=CVE-2017-8281
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. Una condición de carrera puede permitir el acceso a la memoria ya liberada al consultar el estado de un evento mediante DCI en todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux podría desembocar en una condición use-after-free. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2017-0782
https://notcve.org/view.php?id=CVE-2017-0782
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237. Existe una vulnerabilidad de ejecución remota de código en el sistema Android (bluetooth). • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/100822 https://source.android.com/security/bulletin/2017-09-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2017-0783
https://notcve.org/view.php?id=CVE-2017-0783
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63145701. Existe una vulnerabilidad de divulgación de información en el sistema de Android (bluetooth). • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/100811 https://source.android.com/security/bulletin/2017-09-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-0781 – LineageOS 14.1 Blueborne - Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-0781
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105. Existe una vulnerabilidad de ejecución remota de código en el sistema Android (bluetooth). • https://www.exploit-db.com/exploits/44415 https://www.exploit-db.com/exploits/44554 https://github.com/ojasookert/CVE-2017-0781 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/100810 https://source.android.com/security/bulletin/2017-09-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •