Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2018-AVI-320
Vulnerability from certfr_avis - Published: 2018-07-03 - Updated: 2018-07-03
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Android toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 02 juillet 2018",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-5865",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5865"
},
{
"name": "CVE-2017-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000"
},
{
"name": "CVE-2018-9412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9412"
},
{
"name": "CVE-2018-5874",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5874"
},
{
"name": "CVE-2018-5862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5862"
},
{
"name": "CVE-2018-5876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5876"
},
{
"name": "CVE-2018-9428",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9428"
},
{
"name": "CVE-2017-18131",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18131"
},
{
"name": "CVE-2018-5703",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5703"
},
{
"name": "CVE-2018-11257",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11257"
},
{
"name": "CVE-2018-9365",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9365"
},
{
"name": "CVE-2017-18171",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18171"
},
{
"name": "CVE-2018-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3570"
},
{
"name": "CVE-2018-9423",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9423"
},
{
"name": "CVE-2018-5872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5872"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2018-9426",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9426"
},
{
"name": "CVE-2018-5859",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5859"
},
{
"name": "CVE-2018-3586",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3586"
},
{
"name": "CVE-2018-5873",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5873"
},
{
"name": "CVE-2018-6927",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6927"
},
{
"name": "CVE-2018-9411",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9411"
},
{
"name": "CVE-2018-9416",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9416"
},
{
"name": "CVE-2018-9430",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9430"
},
{
"name": "CVE-2018-9410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9410"
},
{
"name": "CVE-2018-9424",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9424"
},
{
"name": "CVE-2018-11259",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11259"
},
{
"name": "CVE-2018-9376",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9376"
},
{
"name": "CVE-2018-5838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5838"
},
{
"name": "CVE-2017-18279",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18279"
},
{
"name": "CVE-2017-18173",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18173"
},
{
"name": "CVE-2017-18275",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18275"
},
{
"name": "CVE-2018-5837",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5837"
},
{
"name": "CVE-2017-0606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0606"
},
{
"name": "CVE-2018-9421",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9421"
},
{
"name": "CVE-2017-18172",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18172"
},
{
"name": "CVE-2017-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18276"
},
{
"name": "CVE-2017-18170",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18170"
},
{
"name": "CVE-2018-9429",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9429"
},
{
"name": "CVE-2018-5855",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5855"
},
{
"name": "CVE-2018-9433",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9433"
},
{
"name": "CVE-2018-11304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11304"
},
{
"name": "CVE-2018-11258",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11258"
},
{
"name": "CVE-2018-9419",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9419"
},
{
"name": "CVE-2018-9413",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9413"
},
{
"name": "CVE-2018-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7995"
},
{
"name": "CVE-2017-18277",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18277"
},
{
"name": "CVE-2018-5858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5858"
},
{
"name": "CVE-2018-5875",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5875"
},
{
"name": "CVE-2018-9431",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9431"
},
{
"name": "CVE-2018-9420",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9420"
},
{
"name": "CVE-2018-9418",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9418"
},
{
"name": "CVE-2018-5882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5882"
},
{
"name": "CVE-2017-1821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1821"
},
{
"name": "CVE-2018-9415",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9415"
},
{
"name": "CVE-2018-9414",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9414"
},
{
"name": "CVE-2018-9434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9434"
},
{
"name": "CVE-2018-9422",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9422"
},
{
"name": "CVE-2018-9417",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9417"
},
{
"name": "CVE-2017-18274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18274"
},
{
"name": "CVE-2017-15841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15841"
},
{
"name": "CVE-2017-15851",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15851"
},
{
"name": "CVE-2018-5864",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5864"
},
{
"name": "CVE-2018-5907",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5907"
},
{
"name": "CVE-2018-1065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1065"
},
{
"name": "CVE-2017-18278",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18278"
},
{
"name": "CVE-2016-2108",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2108"
},
{
"name": "CVE-2018-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5878"
},
{
"name": "CVE-2018-9432",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9432"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
}
],
"initial_release_date": "2018-07-03T00:00:00",
"last_revision_date": "2018-07-03T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-320",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Pixel/Nexus du 02 juillet 2018",
"url": "https://source.android.com/security/bulletin/pixel/2018-07-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 02 juillet 2018",
"url": "https://source.android.com/security/bulletin/2018-07-01"
}
]
}
CVE-2018-5878 (GCVE-0-2018-5878)
Vulnerability from cvelistv5 – Published: 2018-07-06 17:00 – Updated: 2024-09-16 22:26
VLAI
EPSS
Summary
While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
Severity
No CVSS data available.
CWE
- Buffer Copy without Checking Size of Input in RIL
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Affected:
MDM9206, MDM9607, MDM9635M, MDM9650, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 835
|
Date Public
2018-07-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:47:55.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206, MDM9607, MDM9635M, MDM9650, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 835"
}
]
}
],
"datePublic": "2018-07-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Copy without Checking Size of Input in RIL",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-06T16:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-07-02T00:00:00",
"ID": "CVE-2018-5878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206, MDM9607, MDM9635M, MDM9650, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 835"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in RIL"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2018-5878",
"datePublished": "2018-07-06T17:00:00.000Z",
"dateReserved": "2018-01-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:26:36.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5882 (GCVE-0-2018-5882)
Vulnerability from cvelistv5 – Published: 2018-07-06 17:00 – Updated: 2024-09-16 23:31
VLAI
EPSS
Summary
While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
Severity
No CVSS data available.
CWE
- Buffer Over-read in Multimedia
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear |
Affected:
MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20
|
Date Public
2018-07-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:47:55.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20"
}
]
}
],
"datePublic": "2018-07-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Over-read in Multimedia",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-06T16:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-07-02T00:00:00",
"ID": "CVE-2018-5882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Over-read in Multimedia"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2018-5882",
"datePublished": "2018-07-06T17:00:00.000Z",
"dateReserved": "2018-01-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:31:15.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5907 (GCVE-0-2018-5907)
Vulnerability from cvelistv5 – Published: 2018-07-06 19:00 – Updated: 2024-09-16 22:26
VLAI
EPSS
Summary
Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
Severity
No CVSS data available.
CWE
- Buffer Copy Without Checking Size of Input in Audio
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/pixe… | x_refsource_CONFIRM |
| https://www.vulnerabilitycenter.com/#%21vul=87341 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2018-07-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:47:56.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2018-07-01#qualcomm-components"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vulnerabilitycenter.com/#%21vul=87341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android for MSM, Firefox OS for MSM, QRD Android",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2018-07-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Copy Without Checking Size of Input in Audio",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-09T14:57:01.000Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/pixel/2018-07-01#qualcomm-components"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vulnerabilitycenter.com/#%21vul=87341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-07-05T00:00:00",
"ID": "CVE-2018-5907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy Without Checking Size of Input in Audio"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/pixel/2018-07-01#qualcomm-components",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-07-01#qualcomm-components"
},
{
"name": "https://www.vulnerabilitycenter.com/#!vul=87341",
"refsource": "MISC",
"url": "https://www.vulnerabilitycenter.com/#!vul=87341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2018-5907",
"datePublished": "2018-07-06T19:00:00.000Z",
"dateReserved": "2018-01-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:26:40.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6927 (GCVE-0-2018-6927)
Vulnerability from cvelistv5 – Published: 2018-02-12 19:00 – Updated: 2024-08-05 06:17
VLAI
EPSS
Summary
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2018-02-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3619-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3619-2/"
},
{
"name": "USN-3697-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3697-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:0654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a"
},
{
"name": "USN-3697-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3697-2/"
},
{
"name": "103023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103023"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15"
},
{
"name": "USN-3698-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "USN-3619-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3619-1/"
},
{
"name": "USN-3698-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3698-2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-12T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3619-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3619-2/"
},
{
"name": "USN-3697-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3697-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:0654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a"
},
{
"name": "USN-3697-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3697-2/"
},
{
"name": "103023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103023"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15"
},
{
"name": "USN-3698-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "USN-3619-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3619-1/"
},
{
"name": "USN-3698-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3698-2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4187",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3619-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-2/"
},
{
"name": "USN-3697-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3697-1/"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a"
},
{
"name": "RHSA-2018:1062",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:0654",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0654"
},
{
"name": "https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a"
},
{
"name": "USN-3697-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3697-2/"
},
{
"name": "103023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103023"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15",
"refsource": "MISC",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15"
},
{
"name": "USN-3698-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "USN-3619-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-1/"
},
{
"name": "USN-3698-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6927",
"datePublished": "2018-02-12T19:00:00.000Z",
"dateReserved": "2018-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:17:17.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-7995 (GCVE-0-2018-7995)
Vulnerability from cvelistv5 – Published: 2018-03-09 15:00 – Updated: 2024-08-05 06:37 Disputed
VLAI
EPSS
Summary
Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory. NOTE: a third party has indicated that this report is not security relevant
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4187 | vendor-advisoryx_refsource_DEBIAN |
| https://usn.ubuntu.com/3654-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://bugzilla.suse.com/show_bug.cgi?id=1084755 | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://www.debian.org/security/2018/dsa-4188 | vendor-advisoryx_refsource_DEBIAN |
| https://lkml.org/lkml/2018/3/2/970 | x_refsource_MISC |
| http://www.securityfocus.com/bid/103356 | vdb-entryx_refsource_BID |
| https://usn.ubuntu.com/3654-2/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/3656-1/ | vendor-advisoryx_refsource_UBUNTU |
Date Public
2018-03-09 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-7995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T19:22:32.395652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T19:22:44.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1084755"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45bbbcc75c2aaf"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lkml.org/lkml/2018/3/2/970"
},
{
"name": "103356",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103356"
},
{
"name": "USN-3654-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "USN-3656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3656-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck\u003ccpu number\u003e directory. NOTE: a third party has indicated that this report is not security relevant"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-23T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1084755"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45bbbcc75c2aaf"
},
{
"name": "DSA-4188",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lkml.org/lkml/2018/3/2/970"
},
{
"name": "103356",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103356"
},
{
"name": "USN-3654-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "USN-3656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3656-1/"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck\u003ccpu number\u003e directory. NOTE: a third party has indicated that this report is not security relevant."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4187",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "USN-3654-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1084755",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1084755"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45bbbcc75c2aaf",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45bbbcc75c2aaf"
},
{
"name": "DSA-4188",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"name": "https://lkml.org/lkml/2018/3/2/970",
"refsource": "MISC",
"url": "https://lkml.org/lkml/2018/3/2/970"
},
{
"name": "103356",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103356"
},
{
"name": "USN-3654-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"name": "USN-3656-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3656-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-7995",
"datePublished": "2018-03-09T15:00:00.000Z",
"dateReserved": "2018-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:37:59.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9365 (GCVE-0-2018-9365)
Vulnerability from cvelistv5 – Published: 2024-11-19 20:44 – Updated: 2024-11-21 15:10
VLAI
EPSS
Summary
In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Andrioid |
Affected:
6
Affected: 6.0.1 Affected: 7 Affected: 8 Affected: 8.1 Affected: nyc-mr1-dev Affected: nyc-mr2-dev |
||
| android |
Affected:
6
Affected: 6.0.1 Affected: 7 Affected: 8 Affected: 8.1 Affected: nyc-mr1-dev Affected: nyc-mr2-dev cpe:2.3:o:google:android:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "7"
},
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "nyc-mr1-dev"
},
{
"status": "affected",
"version": "nyc-mr2-dev"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-9365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T15:08:16.777822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T15:10:28.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Andrioid",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "7"
},
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "nyc-mr1-dev"
},
{
"status": "affected",
"version": "nyc-mr2-dev"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T20:44:28.663Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2018-07-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2018-9365",
"datePublished": "2024-11-19T20:44:28.663Z",
"dateReserved": "2018-04-05T00:00:00.000Z",
"dateUpdated": "2024-11-21T15:10:28.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9376 (GCVE-0-2018-9376)
Vulnerability from cvelistv5 – Published: 2024-12-02 20:59 – Updated: 2024-12-03 18:39
VLAI
EPSS
Summary
In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Android |
Affected:
6
Affected: 6.0.1 Affected: 7 Affected: 7.1.1 Affected: 7.1.2 Affected: 8 Affected: 8.1 |
||
| android |
Affected:
0 , < 2018-07-05
(custom)
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* |
||
| pixel |
Affected:
0 , < 2018-07-05
(custom)
cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"lessThan": "2018-07-05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pixel",
"vendor": "google",
"versions": [
{
"lessThan": "2018-07-05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-9376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-03T18:38:15.430097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T18:39:18.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn rpc_msg_handler and related handlers of\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edrivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ewrite due to an incorrect bounds check. This could lead to local escalation\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eof privilege with System execution privileges needed. User interaction is\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003enot needed for exploitation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In rpc_msg_handler and related handlers of\u00a0drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds\u00a0write due to an incorrect bounds check. This could lead to local escalation\u00a0of privilege with System execution privileges needed. User interaction is\u00a0not needed for exploitation."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T20:59:25.345Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2018-9376",
"datePublished": "2024-12-02T20:59:25.345Z",
"dateReserved": "2018-04-05T00:00:00.000Z",
"dateUpdated": "2024-12-03T18:39:18.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9410 (GCVE-0-2018-9410)
Vulnerability from cvelistv5 – Published: 2024-11-19 21:04 – Updated: 2024-11-21 15:07
VLAI
EPSS
Summary
In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-9410",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T15:07:20.631617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T15:07:38.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T21:04:59.464Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2018-07-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2018-9410",
"datePublished": "2024-11-19T21:04:59.464Z",
"dateReserved": "2018-04-05T00:00:00.000Z",
"dateUpdated": "2024-11-21T15:07:38.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9411 (GCVE-0-2018-9411)
Vulnerability from cvelistv5 – Published: 2024-11-19 21:06 – Updated: 2024-11-20 15:55
VLAI
EPSS
Summary
In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "9"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-9411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T15:52:11.948180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T15:55:45.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T21:06:22.949Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2018-07-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2018-9411",
"datePublished": "2024-11-19T21:06:22.949Z",
"dateReserved": "2018-04-05T00:00:00.000Z",
"dateUpdated": "2024-11-20T15:55:45.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9412 (GCVE-0-2018-9412)
Vulnerability from cvelistv5 – Published: 2024-11-19 21:08 – Updated: 2025-03-19 17:15
VLAI
EPSS
Summary
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-9412",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T15:49:13.782415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T17:15:42.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "7"
},
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "nyc-mr1-dev"
},
{
"status": "affected",
"version": "nyc-mr2-dev"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T21:08:26.491Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/2018-07-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2018-9412",
"datePublished": "2024-11-19T21:08:26.491Z",
"dateReserved": "2018-04-05T00:00:00.000Z",
"dateUpdated": "2025-03-19T17:15:42.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…