2016 VULNERABILITY DATABASE

 

 

CVE-2016-3748

Summary: The sockets subsystem in Android 6.x before 2016-07-01 allows attackers to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804.

Published: 7/10/2016 9:59:48 PM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.5 HIGH

 

CVE-2016-3747

Summary: Use-after-free vulnerability in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27903498.

Published: 7/10/2016 9:59:47 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.5 HIGH

 

CVE-2016-3746

Summary: Use-after-free vulnerability in the mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27890802.

Published: 7/10/2016 9:59:46 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.5 HIGH

 

CVE-2016-3745

Summary: Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides an AudioEffect reply, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28173666.

Published: 7/10/2016 9:59:45 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-3744

Summary: Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to gain privileges via a crafted pairing operation, aka internal bug 27930580.

Published: 7/10/2016 9:59:44 PM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 4.3 MEDIUM

 

CVE-2016-3743

Summary: decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 27907656.

Published: 7/10/2016 9:59:43 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-3742

Summary: decoder/ih264d_process_intra_mb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28165659.

Published: 7/10/2016 9:59:42 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-3741

Summary: The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28165661.

Published: 7/10/2016 9:59:41 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-2508

Summary: media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28799341.

Published: 7/10/2016 9:59:40 PM

 

CVE-2016-2507

Summary: Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28532266.

Published: 7/10/2016 9:59:39 PM

 

CVE-2016-2506

Summary: DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28175045.

Published: 7/10/2016 9:59:38 PM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-2505

Summary: mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28333006.

Published: 7/10/2016 9:59:37 PM

 

CVE-2016-2503

Summary: The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067.

Published: 7/10/2016 9:59:36 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

 

CVE-2016-2502

Summary: drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSER_IOCTL ioctl call, aka Android internal bug 27657963 and Qualcomm internal bug CR997044.

Published: 7/10/2016 9:59:35 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2016-2501

Summary: The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092.

Published: 7/10/2016 9:59:34 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2016-2068

Summary: The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609.

Published: 7/10/2016 9:59:33 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2016-2067

Summary: drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993.

Published: 7/10/2016 9:59:32 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2015-8893

Summary: app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to cause a denial of service (OS outage or buffer over-read) via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275.

Published: 7/10/2016 9:59:31 PM

 

CVSS Severity: v3 - 5.5 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2015-8892

Summary: platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998.

Published: 7/10/2016 9:59:30 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2015-8891

Summary: Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to bypass intended access restrictions via a crafted image, aka Android internal bug 28842418 and Qualcomm internal bug CR813930.

Published: 7/10/2016 9:59:29 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2015-8890

Summary: platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard (MMC), aka Android internal bug 28822878 and Qualcomm internal bug CR823461.

Published: 7/10/2016 9:59:28 PM

 

CVE-2015-8889

Summary: The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android internal bug 28822677 and Qualcomm internal bug CR804067.

Published: 7/10/2016 9:59:27 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2015-8888

Summary: Integer overflow in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to bypass intended access restrictions via a crafted block count and block size of a sparse header, aka Android internal bug 28822465 and Qualcomm internal bug CR813933.

Published: 7/10/2016 9:59:25 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2014-9803

Summary: arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020.

Published: 7/10/2016 9:59:24 PM

 

CVE-2014-9802

Summary: Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28821965 and Qualcomm internal bug CR705108.

Published: 7/10/2016 9:59:23 PM

 

CVE-2014-9801

Summary: Multiple integer overflows in lib/libfdt/fdt_rw.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28822060 and Qualcomm internal bug CR705078.

Published: 7/10/2016 9:59:22 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2014-9800

Summary: Integer overflow in lib/heap/heap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28822150 and Qualcomm internal bug CR692478.

Published: 7/10/2016 9:59:21 PM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

 

CVE-2014-9799

Summary: The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protection mechanism, aka Android internal bug 28821731 and Qualcomm internal bug CR691916.

Published: 7/10/2016 9:59:20 PM

 

 

<<< New  Older >>>