CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9706
https://notcve.org/view.php?id=CVE-2017-9706
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones de Android desde CAF usando el kernel de Linux, puede ocurrir un acceso fuera de límites a un array en un driver de pantalla. • http://www.securityfocus.com/bid/101160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11053
https://notcve.org/view.php?id=CVE-2017-11053
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame(). En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, cuando se recibe un QoS map set IE de longitud inferior a 16 en una respuesta de a... • http://www.securityfocus.com/bid/101117 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9686
https://notcve.org/view.php?id=CVE-2017-9686
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used. En Android for MSM, Firefox OS for MSM, QRD Android con todas las versiones de Android desde CAF usando el kernel de Linux, hay una posible doble liberación (double free)/uso de memoria previamente liberada en el controlador SPS cuando se usa el registro debugfs. • http://www.securityfocus.com/bid/101160 • CWE-415: Double Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11060
https://notcve.org/view.php?id=CVE-2017-11060
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36817548. References: QC-CR#2058447, QC-CR#2054770. En Android for MSM, Firefox OS for MSM, Q... • http://www.securityfocus.com/bid/101160 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11067
https://notcve.org/view.php?id=CVE-2017-11067
10 Oct 2017 — In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentially lead to the use of an out-of-range pointer offset. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, la entrada procfs de Athdiag no realiza una comprobación correcta del estado de la dirección, lo que puede derivar en el uso ... • http://www.securityfocus.com/bid/101160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0815
https://notcve.org/view.php?id=CVE-2017-0815
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libeffects). • http://www.securityfocus.com/bid/101088 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2017-0820
https://notcve.org/view.php?id=CVE-2017-0820
03 Oct 2017 — A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187433. Existe una vulnerabilidad en el media framework de Android (n/a). • http://www.securityfocus.com/bid/101151 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-0818
https://notcve.org/view.php?id=CVE-2017-0818
03 Oct 2017 — A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63581671. Existe una vulnerabilidad en el media framework de Android (n/a). • http://www.securityfocus.com/bid/101151 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0828
https://notcve.org/view.php?id=CVE-2017-0828
03 Oct 2017 — An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855. Existe una vulnerabilidad de elevación de privilegios en el bootloader de Huawei. • https://source.android.com/security/bulletin/pixel/2017-10-01 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0829
https://notcve.org/view.php?id=CVE-2017-0829
03 Oct 2017 — An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044. Existe una vulnerabilidad de elevación de privilegios en el bootloader de Motorola. • https://source.android.com/security/bulletin/pixel/2017-10-01 •