CVSS: 7.8EPSS: 7%CPEs: 21EXPL: 1CVE-2017-14496 – Dnsmasq < 2.78 - Integer Underflow
https://notcve.org/view.php?id=CVE-2017-14496
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Un desbordamiento inferior de enteros en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio mediante una petición DNS manipulada. An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. • https://www.exploit-db.com/exploits/42946 http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://thekelleys.org.uk/dnsmasq/CHANGELOG http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt http://www.debian.org/security/2017/dsa-3989 http://www.securityfocus.com/bid/101085 http://www.securityfocu • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5868
https://notcve.org/view.php?id=CVE-2016-5868
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. drivers/net/ethernet/msm/rndis_ipa.c en el controlador de networking de Qualcomm en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación manipulada que compromete un proceso privilegiado. • http://www.securityfocus.com/bid/98197 https://source.android.com/security/bulletin/2017-05-01 https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9724
https://notcve.org/view.php?id=CVE-2017-9724
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, los permisos de nivel de usuario se pueden emplear para conseguir acceder a la memoria del kernel. Específicamente, el código de mantenimiento de la caché ION está escribiendo a una dirección proporcionada por el usuario. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 • CWE-269: Improper Privilege Management •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8281
https://notcve.org/view.php?id=CVE-2017-8281
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. Una condición de carrera puede permitir el acceso a la memoria ya liberada al consultar el estado de un evento mediante DCI en todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux podría desembocar en una condición use-after-free. • http://www.securityfocus.com/bid/100658 https://source.android.com/security/bulletin/2017-09-01 https://source.android.com/security/bulletin/pixel/2017-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9725 – kernel: Incorrect type conversion for size during dma allocation
https://notcve.org/view.php?id=CVE-2017-9725
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail. En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, durante la asignación de DMA, el tamaño de asignación se trunca, lo que permite que la asignación sea un éxito cuando debería fallar. Esto se debe a un tipo de tamaño de datos erróneo. A flaw was found where the kernel truncated the value used to indicate the size of a buffer which it would later become zero using an untruncated value. This can corrupt memory outside of the original allocation. • http://www.securityfocus.com/bid/100658 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1130 https://access.redhat.com/errata/RHSA-2018:1170 https://source.android.com/security/bulletin/2017-09-01 https://access.redhat.com/security/cve/CVE-2017-9725 https://bugzilla.redhat.com/show_bug.cgi?id=1489088 • CWE-681: Incorrect Conversion between Numeric Types CWE-682: Incorrect Calculation •