Google Android Qualcomm Components Multiple Security Vulnerabilities
BID:105872
CVE-2017-15818 | CVE-2018-11905 | CVE-2018-11995 |Info
Google Android Qualcomm Components Multiple Security Vulnerabilities
| Bugtraq ID: | 105872 |
| Class: | Unknown |
| CVE: |
CVE-2017-15818 CVE-2018-11995 CVE-2018-11905 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 05 2018 12:00AM |
| Updated: | Apr 05 2019 05:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Google Android 0 |
| Not Vulnerable: | |
Discussion
Google Android Qualcomm Components Multiple Security Vulnerabilities
Google Android is prone to the following security vulnerabilities:
1. An integer overflow vulnerability.
2. Multiple arbitrary code-execution vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition.
These issues are being tracked by Android Bug IDs A-68992408, A-71501677 and A-112277889.
Google Android is prone to the following security vulnerabilities:
1. An integer overflow vulnerability.
2. Multiple arbitrary code-execution vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition.
These issues are being tracked by Android Bug IDs A-68992408, A-71501677 and A-112277889.
Exploit / POC
Google Android Qualcomm Components Multiple Security Vulnerabilities
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Google Android Qualcomm Components Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Google Android Qualcomm Components Multiple Security Vulnerabilities
References:
References:
- Android Homepage (Google)
- msm: ADSPRPC: Use msm_ion_do_cache_op to flush userspace buffers (codeaurora.org)
- platform: msm_shared: Avoid the integer overflow in qseecom (codeaurora.org)
- QcomModulePkg: Reset the Partition name-check variable (codeaurora.org)
- Android Security Bulletin�??April 2019 (Google)
- Android Security Bulletin�??November 2018 (Android)