VYPR

Android Msm

by Codeaurora

CVEs (35)

  • CVE-2018-5908Nov 27, 2018
    risk 0.00cvss epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in display function due to lack of buffer length validation before copying.

  • CVE-2018-11906Nov 27, 2018
    risk 0.00cvss epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a security concern with default privileged access to ADB and debug-fs.

  • CVE-2018-11956Nov 27, 2018
    risk 0.00cvss epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue.

  • CVE-2018-11946Nov 27, 2018
    risk 0.00cvss epss 0.00

    In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without authentication.

  • CVE-2018-5873HigJul 6, 2018
    risk 0.00cvss 7.0epss 0.01

    An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM,…

  • CVE-2013-6124Aug 31, 2014
    risk 0.00cvss epss 0.00

    The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the…

  • CVE-2013-2599Aug 31, 2014
    risk 0.00cvss epss 0.01

    A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain…

  • CVE-2013-2598Aug 31, 2014
    risk 0.00cvss epss 0.00

    app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values…

  • CVE-2013-2595Aug 31, 2014
    risk 0.00cvss epss 0.01

    The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap…

  • CVE-2014-0972Aug 1, 2014
    risk 0.00cvss epss 0.00

    The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table,…

  • CVE-2013-4736Feb 10, 2014
    risk 0.00cvss epss 0.01

    Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (system crash)…

  • CVE-2013-4739Feb 3, 2014
    risk 0.00cvss epss 0.00

    The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to obtain sensitive information from kernel stack memory via (1) a crafted MSM_MCR_IOCTL_EVT_GET ioctl call,…

  • CVE-2013-4738Feb 3, 2014
    risk 0.00cvss epss 0.00

    Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted…

  • CVE-2013-6123Jan 14, 2014
    risk 0.00cvss epss 0.00

    Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by…

  • CVE-2013-6392Nov 30, 2013
    risk 0.00cvss epss 0.00

    The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to…

Page 2 of 2