VYPR

bootloader

by Qualcomm

CVEs (8)

  • CVE-2018-5888HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-5887HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2016-10276HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-10275HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0455HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in…

  • CVE-2016-8423HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8422HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2014-9799HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an…