CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0328
https://notcve.org/view.php?id=CVE-2017-0328
05 Apr 2017 — An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33898322. • http://www.securityfocus.com/bid/97347 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0332
https://notcve.org/view.php?id=CVE-2017-0332
05 Apr 2017 — An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33812508. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-787: Out-of-bounds Write •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0330
https://notcve.org/view.php?id=CVE-2017-0330
05 Apr 2017 — An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33899858. • http://www.securityfocus.com/bid/97347 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0327
https://notcve.org/view.php?id=CVE-2017-0327
05 Apr 2017 — An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33893669. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0329
https://notcve.org/view.php?id=CVE-2017-0329
05 Apr 2017 — An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.18. Android ID:A-34115304. • http://www.securityfocus.com/bid/97353 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0339
https://notcve.org/view.php?id=CVE-2017-0339
05 Apr 2017 — An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-27930566. • http://www.securityfocus.com/bid/97333 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0325
https://notcve.org/view.php?id=CVE-2017-0325
05 Apr 2017 — An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10 and Kernel 3.18. Android ID: A-33040280. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2017-2671 – Linux Kernel - 'ping' Local Denial of Service
https://notcve.org/view.php?id=CVE-2017-2671
05 Apr 2017 — The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. En LightDM en versiones hasta 1.22.0, un problema de directorio transversal en debian/guest-account.sh permite a atacantes locales allows local attackers poseer ubicaciones de... • https://packetstorm.news/files/id/142872 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5870
https://notcve.org/view.php?id=CVE-2016-5870
04 Apr 2017 — The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket. La función msm_ipc_router_close en net/ipc_router/ipc_router_socket.c en componente ipc_router p... • http://www.securityfocus.com/bid/97414 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10318
https://notcve.org/view.php?id=CVE-2016-10318
04 Apr 2017 — A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. Una comprobación de autorización que falta en la función fscrypt_process_policy en fs/crypto/policy.c en el soporte de cifrado del sistema de archivos ext4 y f2fs en el kernel de Linux en versiones anteriores... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=163ae1c6ad6299b19e22b4a35d5ab24a89791a98 • CWE-264: Permissions, Privileges, and Access Controls •