|
2019-06-07
|
CVE-2019-2102 |
In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128843052. |
Android
|
8.8
|
|
|
2018-12-06
|
CVE-2018-9568 |
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. |
Ubuntu_linux,
Android,
Enterprise_linux_desktop,
Enterprise_linux_server,
Enterprise_linux_server_aus,
Enterprise_linux_server_eus,
Enterprise_linux_server_tus,
Enterprise_linux_workstation,
Virtualization
|
7.8
|
|
|
2019-09-06
|
CVE-2019-9450 |
In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|
|
2019-09-06
|
CVE-2018-6240 |
NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address |
Android
|
7.8
|
|
|
2019-09-06
|
CVE-2019-9461 |
In the Android kernel in VPN routing there is a possible information disclosure. This could lead to remote information disclosure by an adjacent network attacker with no additional execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|
|
2019-09-06
|
CVE-2019-9458 |
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|
|
2019-09-06
|
CVE-2019-9457 |
In the Android kernel in ELF file loading there is possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|
|
2019-09-06
|
CVE-2019-9456 |
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|
|
2019-09-06
|
CVE-2019-9455 |
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|
|
2019-09-06
|
CVE-2019-9454 |
In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
Android
|
N/A
|
|