Google Inc Android vulnerabilities

CVE-2017-13230 [HIGH] CWE-787 CVE-2017-13230: In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_widt In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65483665.

CVE-2017-13239 [HIGH] CWE-200 CVE-2017-13239: A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Ve A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.

CVE-2017-13231 [HIGH] CWE-787 CVE-2017-13231: In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-67962232.

CVE-2017-13236 [HIGH] CWE-732 CVE-2017-13236: In the KeyStore service, there is a permissions bypass that allows access to protected resources. Th In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217699.

CVE-2017-13228 [HIGH] CWE-787 CVE-2017-13228: In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount bei In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A

CVE-2017-13247 [HIGH] CWE-862 CVE-2017-13247: In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader loc In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-71486645.

CVE-2017-13245 [HIGH] CVE-2017-13245: A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versio A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versions: Android kernel. ID: A-64315347.

CVE-2017-13235 [MEDIUM] CWE-476 CVE-2017-13235: A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.

CVE-2017-13233 [MEDIUM] CWE-400 CVE-2017-13233: In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This coul In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62851602.

CVE-2017-13234 [MEDIUM] CWE-772 CVE-2017-13234: In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. Thi In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68159767.

CVE-2017-13238 [MEDIUM] CWE-200 CVE-2017-13238: In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacke In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-64610940.

CVE-2017-13203 [CRITICAL] CWE-200 CVE-2017-13203: An information disclosure vulnerability in the Android media framework (libavc). Product: Android. V An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63122634.

CVE-2017-13187 [CRITICAL] CWE-200 CVE-2017-13187: An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175.

CVE-2017-13179 [CRITICAL] CWE-416 CVE-2017-13179: In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out- In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj could be freed without clearing ps_create_op->s_ivd_create_op_t.pv_handle. This could lead to remote c

CVE-2017-13205 [CRITICAL] CWE-200 CVE-2017-13205: An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64550583.

CVE-2017-13188 [CRITICAL] CWE-200 CVE-2017-13188: An information disclosure vulnerability in the Android media framework (aac). Product: Android. Vers An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.

CVE-2017-13208 [CRITICAL] CWE-119 CVE-2017-13208: In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7

CVE-2017-13185 [CRITICAL] CWE-200 CVE-2017-13185: An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471.

CVE-2017-13178 [CRITICAL] CWE-416 CVE-2017-13178: In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0.1, 7.0

CVE-2017-13177 [CRITICAL] CWE-119 CVE-2017-13177: In several functions of libhevc, NEON registers are not preserved. This could lead to remote code ex In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68320413.