Google Inc Android vulnerabilities

CVE-2016-8457 [HIGH] CWE-264 CVE-2016-8457: An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. References: B-RB#

CVE-2016-6755 [HIGH] CWE-284 CVE-2016-6755: An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30740545. References: QC-

CVE-2016-6785 [HIGH] CWE-284 CVE-2016-6785: An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious applic An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31748056. References: MT-ALPS02961400.

CVE-2016-8449 [HIGH] CWE-264 CVE-2016-8449: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious appl An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31798848. References: N-CVE-2016-8449.

CVE-2017-0385 [HIGH] CVE-2017-0385: An elevation of privilege vulnerability in Audioserver could enable a local malicious application to An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4

CVE-2016-6789 [HIGH] CWE-284 CVE-2016-6789: An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application

CVE-2016-8415 [HIGH] CWE-284 CVE-2016-8415: An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750554. References: QC-CR

CVE-2016-8392 [HIGH] CWE-284 CVE-2016-8392: An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31385862. References: QC-CR

CVE-2016-8465 [HIGH] CWE-264 CVE-2016-8465: An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10

CVE-2016-8423 [HIGH] CWE-264 CVE-2016-8423: An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious ap An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android.

CVE-2016-6758 [HIGH] CWE-284 CVE-2016-6758: An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious appl An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Andr

CVE-2016-6777 [HIGH] CWE-284 CVE-2016-6777: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious appl An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Ve

CVE-2017-0386 [HIGH] CVE-2017-0386: An elevation of privilege vulnerability in the libnl library could enable a local malicious applicat An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Version

CVE-2016-8450 [HIGH] CWE-264 CVE-2016-8450: An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32450563. References: QC-CR#880388.

CVE-2016-8446 [HIGH] CWE-264 CVE-2016-8446: An elevation of privilege vulnerability in MediaTek components, including the thermal driver and vid An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747

CVE-2016-8436 [HIGH] CWE-264 CVE-2016-8436: An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android.

CVE-2017-0403 [HIGH] CVE-2017-0403: An elevation of privilege vulnerability in the kernel performance subsystem could enable a local mal An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402548.

CVE-2017-0394 [HIGH] CVE-2017-0394: A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31752213.

CVE-2016-6776 [HIGH] CWE-284 CVE-2016-6776: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious appl An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Ve

CVE-2016-8448 [HIGH] CWE-264 CVE-2016-8448: An elevation of privilege vulnerability in MediaTek components, including the thermal driver and vid An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31791