CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6755
https://notcve.org/view.php?id=CVE-2016-6755
12 Jan 2017 — An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30740545. • http://www.securityfocus.com/bid/94676 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6759
https://notcve.org/view.php?id=CVE-2016-6759
12 Jan 2017 — An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29982686. • http://www.securityfocus.com/bid/94677 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6760
https://notcve.org/view.php?id=CVE-2016-6760
12 Jan 2017 — An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29617572. • http://www.securityfocus.com/bid/94677 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6790
https://notcve.org/view.php?id=CVE-2016-6790
12 Jan 2017 — An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251628. • http://www.securityfocus.com/bid/94678 • CWE-284: Improper Access Control •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6779
https://notcve.org/view.php?id=CVE-2016-6779
12 Jan 2017 — An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31386004. • http://www.securityfocus.com/bid/94675 • CWE-284: Improper Access Control •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6780
https://notcve.org/view.php?id=CVE-2016-6780
12 Jan 2017 — An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31251496. • http://www.securityfocus.com/bid/94675 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8400
https://notcve.org/view.php?id=CVE-2016-8400
12 Jan 2017 — An information disclosure vulnerability in the NVIDIA librm library (libnvrm) could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: Kernel-3.18. Android ID: A-31251599. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6758
https://notcve.org/view.php?id=CVE-2016-6758
12 Jan 2017 — An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148882. • http://www.securityfocus.com/bid/94677 • CWE-284: Improper Access Control •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8410
https://notcve.org/view.php?id=CVE-2016-8410
12 Jan 2017 — An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31498403. • http://www.securityfocus.com/bid/94709 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9754 – Ubuntu Security Notice USN-3422-2
https://notcve.org/view.php?id=CVE-2016-9754
05 Jan 2017 — The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file. La función ring_buffer_resize en kernel/trace/ring_buffer.c en el subsistema de creación de perfiles del kernel de Linux en versiones anteriores a 4.6.1 no maneja adecuadamente ciertos cálculos de entero, lo que permite a usuarios locales o... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59643d1535eb220668692a5359de22545af579f6 • CWE-190: Integer Overflow or Wraparound •