| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189. |
| An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086. |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler. |
| In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications. |
| In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten. |
| In all Android releases from CAF using the Linux kernel, libtomcrypt was updated. |
| In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot. |
| In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed. |
| In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. |
| In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore. |
| In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler. |
| In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition. |
| An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity. |
