Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Android
Total 8335 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-3580 1 Google 1 Android 2024-11-21 9.3 HIGH 7.8 HIGH
Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3579 1 Google 1 Android 2024-11-21 2.1 LOW 5.5 MEDIUM
In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read
CVE-2018-3578 1 Google 1 Android 2024-11-21 9.3 HIGH 7.8 HIGH
Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3577 1 Google 1 Android 2024-11-21 5.0 MEDIUM 7.5 HIGH
While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
CVE-2018-3576 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
improper validation of array index in WiFi driver function sapInterferenceRssiCount() leads to array out-of-bounds access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3574 1 Google 1 Android 2024-11-21 2.1 LOW 5.5 MEDIUM
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and cause the kernel to attempt to perform cache maintenance on memory which does not belong to HLOS.
CVE-2018-3573 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur.
CVE-2018-3572 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
While processing a DSP buffer in an audio driver's event handler, an index of a buffer is not checked before accessing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3571 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In the KGSL driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a Use After Free condition can occur when printing information about sparse memory allocations
CVE-2018-3570 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference.
CVE-2018-3569 1 Google 1 Android 2024-11-21 7.2 HIGH 7.8 HIGH
A buffer over-read can occur during a fast initial link setup (FILS) connection in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
CVE-2018-3568 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-3567 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3566 1 Google 1 Android 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overwrite may occur in ProcSetReqInternal() due to missing length check.
CVE-2018-3565 1 Google 1 Android 2024-11-21 9.3 HIGH 7.8 HIGH
While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur.
CVE-2018-3564 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.
CVE-2018-3563 1 Google 1 Android 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution.
CVE-2018-3562 1 Google 1 Android 2024-11-21 7.1 HIGH 5.5 MEDIUM
Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3561 1 Google 1 Android 2024-11-21 4.4 MEDIUM 7.0 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition.
CVE-2018-3560 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Double Free vulnerability exists in Audio Driver while opening a sound compression device.