Google Inc Android vulnerabilities

CVE-2018-9490 [HIGH] CWE-704 CVE-2018-9490: In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type co In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0

CVE-2018-9473 [HIGH] CWE-190 CVE-2018-9473: In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due t In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-65484460

CVE-2018-9513 [HIGH] CWE-415 CVE-2018-9513: In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111081202 References: N/A

CVE-2018-9506 [MEDIUM] CWE-125 CVE-2018-9506: In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds chec In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.

CVE-2018-9493 [MEDIUM] CWE-89 CVE-2018-9493: In the content provider of the download manager, there is a possible SQL injection due to improper i In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 A

CVE-2018-9502 [MEDIUM] CWE-125 CVE-2018-9502: In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missi In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.

CVE-2018-9509 [MEDIUM] CWE-125 CVE-2018-9509: In smp_proc_master_id of smp_act.cc, there is a possible out of bounds read due to a missing bounds In smp_proc_master_id of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android

CVE-2018-9505 [MEDIUM] CWE-125 CVE-2018-9505: In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds ch In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-

CVE-2018-9508 [MEDIUM] CWE-125 CVE-2018-9508: In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2

CVE-2018-9499 [MEDIUM] CWE-908 CVE-2018-9499: In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This could In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This could lead to local information disclosure from the DRM server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android

CVE-2018-9510 [MEDIUM] CWE-125 CVE-2018-9510: In smp_proc_enc_info of smp_act.cc, there is a possible out of bounds read due to a missing bounds c In smp_proc_enc_info of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android

CVE-2018-9507 [MEDIUM] CWE-125 CVE-2018-9507: In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.

CVE-2018-9452 [MEDIUM] CWE-20 CVE-2018-9452: In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width c In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width calculation. This could lead to remote denial of service if a contact with many hidden unicode characters were sent to the device and used by a local app, with no additional execution privileges needed. User interaction is needed for exploitation. Product

CVE-2018-9511 [MEDIUM] CWE-909 CVE-2018-9511: In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a secur In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-1

CVE-2016-8482 [HIGH] CWE-264 CVE-2016-8482: An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Androi An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482.

CVE-2015-9016 [HIGH] CWE-264 CVE-2015-9016: In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.

CVE-2017-0431 [HIGH] CVE-2017-0431: An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899.

CVE-2017-0751 [MEDIUM] CVE-2017-0751: An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Andr An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Android kernel. Android ID: A-36591162. References: QC-CR#2045061.

CVE-2017-0744 [MEDIUM] CVE-2017-0744: An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Ve An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744.

CVE-2017-0748 [MEDIUM] CWE-200 CVE-2017-0748: An information disclosure vulnerability in the Qualcomm audio driver. Product: Android. Versions: An An information disclosure vulnerability in the Qualcomm audio driver. Product: Android. Versions: Android Kernel. Android ID: A-35764875. References: QC-CR#2029798.