Summary Description CVE

Remote code execution vulnerability in Mediaserver A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. CVE-2017-0538

CVE-2017-0539

CVE-2017-0540

CVE-2017-0541

CVE-2017-0542

CVE-2017-0543

Elevation of privilege vulnerability in CameraBase An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. CVE-2017-0544

Elevation of privilege vulnerability in Audioserver An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process CVE-2017-0545

Elevation of privilege vulnerability in SurfaceFlinger An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. CVE-2017-0546

Information disclosure vulnerability in Mediaserver An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0547

Denial of service vulnerability in Mediaserver A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. CVE-2017-0549

CVE-2017-0550

CVE-2017-0551

CVE-2017-0552

Elevation of privilege vulnerability in libnl An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. CVE-2017-0553

Elevation of privilege vulnerability in Telephony An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. CVE-2017-0554

Information disclosure vulnerability in Mediaserver An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0555

CVE-2017-0556

CVE-2017-0557

CVE-2017-0558

Information disclosure vulnerability in libskia An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. CVE-2017-0559

Information disclosure vulnerability in Factory Reset An information disclosure vulnerability in the factory reset process could enable a local malicious attacker to access data from the previous owner. CVE-2017-0560

Remote code execution vulnerability in Broadcom Wi-Fi firmware A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. CVE-2017-0561

Remote code execution vulnerability in Qualcomm crypto engine driver A remote code execution vulnerability in the Qualcomm crypto engine driver could enable a remote attacker to execute arbitrary code within the context of the kernel. CVE-2016-10230

Remote code execution vulnerability in kernel networking subsystem A remote code execution vulnerability in the kernel networking subsystem could enable a remote attacker to execute arbitrary code within the context of the kernel. CVE-2016-10229

Elevation of privilege vulnerability in kernel ION subsystem An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0564

Vulnerabilities in Qualcomm components Multiple vulnerabilities in Qualcomm components CVE-2016-10237

CVE-2016-10238

CVE-2016-10239

Remote code execution vulnerability in Freetype A remote code execution vulnerability in Freetype could enable a local malicious application to load a specially crafted font to cause memory corruption in an unprivileged process CVE-2016-10244

Elevation of privilege vulnerability in kernel sound subsystem An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2014-4656

Elevation of privilege vulnerability in Broadcom Wi-Fi driver An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0567

CVE-2017-0568

CVE-2017-0569

CVE-2017-0570

CVE-2017-0571

CVE-2017-0572

CVE-2017-0573

CVE-2017-0574

Elevation of privilege vulnerability in Qualcomm Wi-Fi driver An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0575

Elevation of privilege vulnerability in Qualcomm crypto engine driver An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0576

Elevation of privilege vulnerability in DTS sound driver An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0578

Elevation of privilege vulnerability in Qualcomm sound codec driver An elevation of privilege vulnerability in the Qualcomm sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-10231

Elevation of privilege vulnerability in Qualcomm video driver An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0579

CVE-2016-10232

CVE-2016-10233

Elevation of privilege vulnerability in Qualcomm Seemp driver An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-0462

Elevation of privilege vulnerability in Qualcomm Kyro L2 driver An elevation of privilege vulnerability in the Qualcomm Kyro L2 driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-6423

Elevation of privilege vulnerability in kernel file system An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2014-9922

Information disclosure vulnerability in kernel networking subsystem An information disclosure vulnerability in the kernel networking subsystem could enable a local malicious application to access data outside of its permission levels. CVE-2014-3145

Information disclosure vulnerability in Qualcomm IPA driver An information disclosure vulnerability in the Qualcomm IPA driver could enable a local malicious application to access data outside of its permission levels. CVE-2016-10234

Denial of service vulnerability in Qualcomm Wi-Fi driver A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. CVE-2016-10235

Elevation of privilege vulnerability in kernel file system An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code outside of its permission levels. CVE-2016-7097

Elevation of privilege vulnerability in Qualcomm Wi-Fi driver An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2017-6424

Elevation of privilege vulnerability in Broadcom Wi-Fi driver An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. CVE-2016-8465

Information disclosure vulnerability in kernel media driver An information disclosure vulnerability in the kernel media driver could enable a local malicious application to access data outside of its permission levels. CVE-2014-1739

Information disclosure vulnerability in Qualcomm Wi-Fi driver An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0584

Information disclosure vulnerability in Broadcom Wi-Fi driver An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0585

Information disclosure vulnerability in Qualcomm Avtimer driver An information disclosure vulnerability in the Qualcomm Avtimer driver could enable a local malicious application to access data outside of its permission levels. CVE-2016-5346

Information disclosure vulnerability in Qualcomm video driver An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. CVE-2017-6425

Information disclosure vulnerability in Qualcomm USB driver An information disclosure vulnerability in the Qualcomm USB driver could enable a local malicious application to access data outside of its permission levels. CVE-2016-10236

Information disclosure vulnerability in Qualcomm sound driver An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. CVE-2017-0586

Information disclosure vulnerability in Qualcomm SPMI driver An information disclosure vulnerability in the Qualcomm SPMI driver could enable a local malicious application to access data outside of its permission levels. CVE-2017-6426