VYPR

QCACLD

by Code Aurora Forum (CAF)

CVEs (10)

  • CVE-2018-11891HigSep 19, 2018
    risk 0.57cvss 8.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function.

  • CVE-2018-11894HigSep 19, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW.

  • CVE-2018-11863HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy.

  • CVE-2018-11860HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length.

  • CVE-2018-11827HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write.

  • CVE-2018-11301HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow.

  • CVE-2018-11296HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur.

  • CVE-2018-5834HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-11293MedSep 18, 2018
    risk 0.37cvss 5.7epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. If they are not checked, it may cause buffer over-read…

  • CVE-2018-11260Nov 27, 2018
    risk 0.00cvss epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zero.