CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11054
https://notcve.org/view.php?id=CVE-2017-11054
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, mientras se procesa un comando de fabricante cfg80211 especialmente manipulado, puede ocurrir una sobrelectura de búfer. • http://www.securityfocus.com/bid/101160 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11062
https://notcve.org/view.php?id=CVE-2017-11062
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentially lead to a buffer overread. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, los atributos no se validan actualmente en _wlan_hdd_cfg80211_do_acs, lo que puede provocar una sobrelectura de búfer. • http://www.securityfocus.com/bid/101160 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11057
https://notcve.org/view.php?id=CVE-2017-11057
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, en modo compatibilidad, flash_data de userespace de 64 bits puede provocar que se revele la memoria del kernel o un fal... • http://www.securityfocus.com/bid/101160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9697
https://notcve.org/view.php?id=CVE-2017-9697
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones de Android desde CAF usando el kernel de Linux, una condición de carrera puede permitir el acceso a memoria ya liberada mientras lee entradas de la tabla de registro en diag_dbgfs_read_table. • http://www.securityfocus.com/bid/101160 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11050
https://notcve.org/view.php?id=CVE-2017-11050
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when the pktlogconf tool gives a pktlog buffer of size less than the minimal possible source data size in the host driver, a buffer overflow can potentially occur. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, cuando la herramienta pktlogconf proporciona un búfer pktlog de un tamaño inferior al tamaño de datos d... • http://www.securityfocus.com/bid/101160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9717
https://notcve.org/view.php?id=CVE-2017-9717
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones de Android desde CAF usando el kernel de Linux, al analizar sintácticamente atributos Netlink, puede ocurrir una sobrelectura de búfer. • http://www.securityfocus.com/bid/101160 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11048
https://notcve.org/view.php?id=CVE-2017-11048
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, en una función de controlador de pantalla, puede ocurrir una condición de uso de memoria previamente liberada (User After Free). • http://www.securityfocus.com/bid/101160 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11055
https://notcve.org/view.php?id=CVE-2017-11055
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, mientras se procesa un comando de fabricante QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 especialmente manipulad... • http://www.securityfocus.com/bid/101160 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11051
https://notcve.org/view.php?id=CVE-2017-11051
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffer hb_params is not initialized to zero. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, es posible que se produzca una divulgación de información en la función __wlan_hdd_cfg80211_testmode ya que el búfer hb_params no se inicial... • http://www.securityfocus.com/bid/101160 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9687
https://notcve.org/view.php?id=CVE-2017-9687
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in ipc_log_context_destroy(). Another issue is the Use-After-Free which can happen due to the race condition when the ipc log is deallocated via the debugfs call during a log print. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones d... • http://www.securityfocus.com/bid/101160 • CWE-415: Double Free •