Google: >> Android >> 7.1 Security Vulnerabilities
In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.
CVSS Score
3.3
EPSS Score
0.001
Published
2017-06-13
In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-06-13
In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-13
Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-05-23
In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-05-16
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16