Linux kernel

CVEs (61)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-17764	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Feb 23, 2018	In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead…
CVE-2017-15862	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Feb 23, 2018	In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a…
CVE-2017-15861	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Feb 23, 2018	In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.
CVE-2017-15820	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Feb 23, 2018	In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur.
CVE-2017-15817	Qualcomm Linux kernel	Hig	0.51	7.8	0.01	Feb 23, 2018	In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
CVE-2017-9724	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address.
CVE-2017-10999	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks.
CVE-2017-10998	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the…
CVE-2017-10997	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.
CVE-2017-9678	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Aug 18, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy().
CVE-2016-10389	Qualcomm Linux kernel	Hig	0.51	7.8	0.00	Aug 18, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.
CVE-2017-14894	Qualcomm Linux kernel	Hig	0.47	7.3	0.00	Apr 3, 2018	In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vdev id is received from firmware as part of WMI_VDEV_START_RESP_EVENTID. This…
CVE-2017-14890	Qualcomm Linux kernel	Hig	0.47	7.3	0.00	Apr 3, 2018	In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdev_map value is not properly validated leading to a potential buffer…
CVE-2017-15829	Qualcomm Linux kernel	Hig	0.46	7.0	0.00	Feb 23, 2018	In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.
CVE-2015-0576	Qualcomm Linux kernel	Hig	0.46	7.0	0.01	Aug 18, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.
CVE-2017-11040	Qualcomm Linux kernel	Med	0.36	5.5	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to.
CVE-2017-11002	Qualcomm Linux kernel	Med	0.36	5.5	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur.
CVE-2017-11001	Qualcomm Linux kernel	Med	0.36	5.5	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.
CVE-2017-10996	Qualcomm Linux kernel	Med	0.36	5.5	0.00	Sep 21, 2017	In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds…
CVE-2017-15853	Qualcomm Linux kernel	Med	0.34	5.3	0.00	Apr 3, 2018	In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the…

CVE-2017-17764HigFeb 23, 2018
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead…
CVE-2017-15862HigFeb 23, 2018
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a…
CVE-2017-15861HigFeb 23, 2018
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.
CVE-2017-15820HigFeb 23, 2018
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur.
CVE-2017-15817HigFeb 23, 2018
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
CVE-2017-9724HigSep 21, 2017
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address.
CVE-2017-10999HigSep 21, 2017
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks.
CVE-2017-10998HigSep 21, 2017
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the…
CVE-2017-10997HigSep 21, 2017
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.
CVE-2017-9678HigAug 18, 2017
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy().
CVE-2016-10389HigAug 18, 2017
Qualcomm
Linux kernel
risk 0.51cvss 7.8epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.
CVE-2017-14894HigApr 3, 2018
Qualcomm
Linux kernel
risk 0.47cvss 7.3epss 0.00
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vdev id is received from firmware as part of WMI_VDEV_START_RESP_EVENTID. This…
CVE-2017-14890HigApr 3, 2018
Qualcomm
Linux kernel
risk 0.47cvss 7.3epss 0.00
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdev_map value is not properly validated leading to a potential buffer…
CVE-2017-15829HigFeb 23, 2018
Qualcomm
Linux kernel
risk 0.46cvss 7.0epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.
CVE-2015-0576HigAug 18, 2017
Qualcomm
Linux kernel
risk 0.46cvss 7.0epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.
CVE-2017-11040MedSep 21, 2017
Qualcomm
Linux kernel
risk 0.36cvss 5.5epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to.
CVE-2017-11002MedSep 21, 2017
Qualcomm
Linux kernel
risk 0.36cvss 5.5epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur.
CVE-2017-11001MedSep 21, 2017
Qualcomm
Linux kernel
risk 0.36cvss 5.5epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.
CVE-2017-10996MedSep 21, 2017
Qualcomm
Linux kernel
risk 0.36cvss 5.5epss 0.00
In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds…
CVE-2017-15853MedApr 3, 2018
Qualcomm
Linux kernel
risk 0.34cvss 5.3epss 0.00
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the…

Page 3 of 4