| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). |
| The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. |
| In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications. |
| In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS. |
| In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot. |
| In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed. |
| In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. |
| In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore. |
| In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler. |
| In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl. |
