Total
5307 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0823 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 2.1 LOW | 4.0 MEDIUM |
| The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721. | |||||
| CVE-2015-8950 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call. | |||||
| CVE-2015-8964 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 7.1 HIGH | 5.5 MEDIUM |
| The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure. | |||||
| CVE-2015-8963 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 7.6 HIGH | 7.0 HIGH |
| Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation. | |||||
| CVE-2015-8953 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer. | |||||
| CVE-2015-8944 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka Android internal bug 28814213 and Qualcomm internal bug CR786116. NOTE: the permissions may be intentional in most non-Android contexts. | |||||
| CVE-2015-8955 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 6.9 MEDIUM | 7.3 HIGH |
| arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs. | |||||
| CVE-2015-8019 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 7.2 HIGH | 7.8 HIGH |
| The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call. | |||||
| CVE-2014-9895 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28750150 and Qualcomm internal bug CR570757, a different vulnerability than CVE-2014-1739. | |||||
| CVE-2014-9870 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 9.3 HIGH | 7.8 HIGH |
| The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qualcomm internal bug CR561044. | |||||
| CVE-2014-9903 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 2.1 LOW | 5.5 MEDIUM |
| The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call. | |||||
| CVE-2014-9900 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754. | |||||
| CVE-2014-9892 | 2 Google, Linux | 2 Android, Linux Kernel | 2016-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717. | |||||
| CVE-2014-9888 | 2 Google, Linux | 3 Nexus 5, Nexus 7, Linux Kernel | 2016-11-28 | 7.2 HIGH | 7.8 HIGH |
| arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. | |||||
| CVE-2014-8480 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 4.9 MEDIUM | N/A |
| The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. | |||||
| CVE-2010-5313 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 4.9 MEDIUM | N/A |
| Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842. | |||||
| CVE-2006-1523 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 10.0 HIGH | N/A |
| The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON. | |||||
| CVE-2005-3810 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 7.8 HIGH | N/A |
| ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference. | |||||
| CVE-2005-3809 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 7.8 HIGH | N/A |
| The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference. | |||||
| CVE-2005-3847 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 4.0 MEDIUM | N/A |
| The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump. | |||||