CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0565
https://notcve.org/view.php?id=CVE-2017-0565
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175904. • http://www.securityfocus.com/bid/97349 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0578
https://notcve.org/view.php?id=CVE-2017-0578
An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33964406. • http://www.securityfocus.com/bid/97358 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0562
https://notcve.org/view.php?id=CVE-2017-0562
An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202425. • http://www.securityfocus.com/bid/97345 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5349
https://notcve.org/view.php?id=CVE-2016-5349
The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications inside Qualcomm Secure Execution Environment (QSEE) receive memory addresses from a high level operating system (HLOS) such as Linux Android, those address have previously been verified as belonging to HLOS memory space rather than QSEE memory space, but they were not verified to be from HLOS user space rather than kernel space. This lack of verification could lead to privilege escalation within the HLOS. Los sistemas operativos de alto nivel (HLOS) no proveían suficiente información de direcciones de memoria como para garantizar que las aplicaciones seguras dentro de Qualcomm Secure Execution Environment (QSEE) solo escriben en rangos legítimos de memoria relacionados con el cliente de HLOS de la aplicación segura de QSEE. Cuando aplicaciones seguras dentro de Qualcomm Secure Execution Environment (QSEE) reciben direcciones de memoria desde un sistema operativo de alto nivel (HLOS) como Linux Android, estas direcciones han sido verificadas previamente como pertenecientes al espacio de memoria de HLOS en lugar de espacio de memoria de QSEE, pero no se verificó que fueran del espacio de usuario de HLOS en lugar de espacio del kernel. • http://www.securityfocus.com/bid/97364 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 https://www.codeaurora.org/insufficient-memory-address-information-prevent-arbitrary-memory-access-qsee-secure-applications-cve https://www.qualcomm.com/company/product-security/security-advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 3%CPEs: 10EXPL: 0CVE-2016-10229
https://notcve.org/view.php?id=CVE-2016-10229
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. Udp.c en el kernel de Linux en versiones anteriores a 4.5 permite a los atacantes remotos ejecutar código arbitrario a través del tráfico UDP que dispara un segundo cálculo de checksum inseguro durante la ejecución de una llamada al sistema recv con el indicador MSG_PEEK. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197c949e7798fbf28cfadc69d9ca0c2abbf93191 http://source.android.com/security/bulletin/2017-04-01.html http://www.securityfocus.com/bid/97397 http://www.securitytracker.com/id/1038201 https://github.com/torvalds/linux/commit/197c949e7798fbf28cfadc69d9ca0c2abbf93191 https://security.paloaltonetworks.com/CVE-2016-10229 • CWE-358: Improperly Implemented Security Check for Standard •