Google: >> Android >> 4.2 Security Vulnerabilities
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.
CVSS Score
7.0
EPSS Score
0.0
Published
2017-05-16
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34259126. References: M-ALPS03150278.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-05-12
An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34470286. References: M-ALPS03149160.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-05-12
An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-05-12
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35100728. References: M-ALPS03161536.
CVSS Score
7.0
EPSS Score
0.0
Published
2017-05-12
An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. References: QC-CR#826566.
CVSS Score
7.0
EPSS Score
0.0
Published
2017-05-12
An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35401052. References: QC-CR#1081711.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-05-12