The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Google Android KitKat

Linux kernel: memory corruption via audit_log_single_execve_arg
An attacker can generate a memory corruption via audit_log_single_execve_arg() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
120681, 1353533, CERTFR-2016-AVI-315, CERTFR-2016-AVI-334, CVE-2016-6136, DLA-609-1, DSA-3659-1, FEDORA-2016-30e3636e79, FEDORA-2016-754e4768d8, JSA11023, K90803619, RHSA-2016:2574-02, RHSA-2016:2584-02, RHSA-2017:0307-01, USN-3084-1, USN-3084-2, USN-3084-3, USN-3084-4, USN-3097-1, USN-3097-2, USN-3098-1, USN-3098-2, VIGILANCE-VUL-20336
cURL: three vulnerabilities
An attacker can use several vulnerabilities of cURL...
bulletinoct2016, cpuoct2018, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, DLA-586-1, DSA-2020-030, DSA-3638-1, FEDORA-2016-24316f1f56, FEDORA-2016-8354baae0f, HT207423, JSA10874, openSUSE-SU-2016:2227-1, openSUSE-SU-2016:2379-1, RHSA-2016:2575-02, RHSA-2018:3558-01, SSA:2016-219-01, STORM-2019-002, USN-3048-1, VIGILANCE-VUL-20295
Android OS: multiple vulnerabilities
An attacker can use several vulnerabilities of Android...
BAD-CVE-2106-2504, CERTFR-2016-AVI-257, CVE-2012-6701, CVE-2014-9863, CVE-2014-9864, CVE-2014-9865, CVE-2014-9866, CVE-2014-9867, CVE-2014-9868, CVE-2014-9869, CVE-2014-9870, CVE-2014-9871, CVE-2014-9872, CVE-2014-9873, CVE-2014-9874, CVE-2014-9875, CVE-2014-9876, CVE-2014-9877, CVE-2014-9878, CVE-2014-9879, CVE-2014-9880, CVE-2014-9881, CVE-2014-9882, CVE-2014-9883, CVE-2014-9884, CVE-2014-9885, CVE-2014-9886, CVE-2014-9887, CVE-2014-9888, CVE-2014-9889, CVE-2014-9890, CVE-2014-9891, CVE-2014-9892, CVE-2014-9893, CVE-2014-9894, CVE-2014-9895, CVE-2014-9896, CVE-2014-9897, CVE-2014-9898, CVE-2014-9899, CVE-2014-9900, CVE-2014-9901, CVE-2014-9902, CVE-2014-9903, CVE-2014-9904, CVE-2015-1593, CVE-2015-2686, CVE-2015-8937, CVE-2015-8938, CVE-2015-8939, CVE-2015-8940, CVE-2015-8941, CVE-2015-8942, CVE-2015-8943, CVE-2015-8944, CVE-2016-2497, CVE-2016-2504, CVE-2016-2544, CVE-2016-2546, CVE-2016-2842, CVE-2016-3672, CVE-2016-3819, CVE-2016-3820, CVE-2016-3821, CVE-2016-3822, CVE-2016-3823, CVE-2016-3824, CVE-2016-3825, CVE-2016-3826, CVE-2016-3827, CVE-2016-3828, CVE-2016-3829, CVE-2016-3830, CVE-2016-3831, CVE-2016-3832, CVE-2016-3833, CVE-2016-3834, CVE-2016-3835, CVE-2016-3836, CVE-2016-3837, CVE-2016-3838, CVE-2016-3839, CVE-2016-3840, CVE-2016-3841, CVE-2016-3842, CVE-2016-3843, CVE-2016-3844, CVE-2016-3845, CVE-2016-3846, CVE-2016-3847, CVE-2016-3848, CVE-2016-3849, CVE-2016-3850, CVE-2016-3851, CVE-2016-3852, CVE-2016-3853, CVE-2016-3854, CVE-2016-3855, CVE-2016-3856, CVE-2016-3857, CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, QuadRooter, VIGILANCE-VUL-20288
Android Contacts: phone calls
An attacker can invite the victim to install a malicious application, which uses Android Contacts, in order to make phone calls...
JVN#06212291, VIGILANCE-VUL-20196
OpenJPEG: use after free via opj_j2k_write_mco
An attacker can force the usage of a freed memory area via opj_j2k_write_mco of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
CVE-2015-8871, DSA-3665-1, FEDORA-2016-14d8f9b4ed, FEDORA-2016-8fa7ced365, FEDORA-2016-abdc548f46, FEDORA-2016-d2ab705e4a, openSUSE-SU-2017:2186-1, openSUSE-SU-2017:2567-1, VIGILANCE-VUL-20102
Linux kernel: injecting TCP packets via Challenge ACK
An attacker can predict the sequence of a TCP session performed to a Linux server, in order to inject a TCP packet, which can interact with the session if it is not encrypted...
CERTFR-2016-AVI-287, CERTFR-2016-AVI-289, CERTFR-2017-AVI-001, CERTFR-2017-AVI-044, CERTFR-2017-AVI-053, CERTFR-2017-AVI-131, CVE-2016-5389-REJECT, CVE-2016-5696, DLA-609-1, DSA-3659-1, FEDORA-2016-784d5526d8, FEDORA-2016-9a16b2e14e, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, JSA10853, openSUSE-SU-2016:2290-1, openSUSE-SU-2016:2625-1, openSUSE-SU-2016:3021-1, PAN-SA-2017-0015, RHSA-2016:1631-01, RHSA-2016:1632-01, RHSA-2016:1633-01, RHSA-2016:1657-01, RHSA-2016:1664-01, RHSA-2016:1814-01, RHSA-2016:1815-01, RHSA-2016:1939-01, SA131, SB10167, SOL46514822, SSA:2016-236-03, SSA:2016-242-01, SUSE-SU-2016:2245-1, SUSE-SU-2016:2912-1, SUSE-SU-2016:2976-1, SUSE-SU-2016:3069-1, SUSE-SU-2016:3304-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:1102-1, USN-3070-1, USN-3070-2, USN-3070-3, USN-3070-4, USN-3071-1, USN-3071-2, USN-3072-1, USN-3072-2, VIGILANCE-VUL-20066
Android: multiple vulnerabilities
An attacker can use several vulnerabilities of Android...
795, 796, CERTFR-2016-AVI-227, CVE-2013-7457, CVE-2014-0196, CVE-2014-0973, CVE-2014-0974, CVE-2014-9777, CVE-2014-9778, CVE-2014-9779, CVE-2014-9780, CVE-2014-9781, CVE-2014-9782, CVE-2014-9783, CVE-2014-9784, CVE-2014-9785, CVE-2014-9786, CVE-2014-9787, CVE-2014-9788, CVE-2014-9789, CVE-2014-9790, CVE-2014-9791-REJECT, CVE-2014-9792, CVE-2014-9793, CVE-2014-9794-REJECT, CVE-2014-9795, CVE-2014-9796, CVE-2014-9797-REJECT, CVE-2014-9798, CVE-2014-9799, CVE-2014-9800, CVE-2014-9801, CVE-2014-9802, CVE-2014-9803, CVE-2015-8888, CVE-2015-8889, CVE-2015-8890, CVE-2015-8891, CVE-2015-8892, CVE-2015-8893, CVE-2016-2067, CVE-2016-2068, CVE-2016-2501, CVE-2016-2502, CVE-2016-2503, CVE-2016-2505, CVE-2016-2506, CVE-2016-2507, CVE-2016-2508, CVE-2016-3741, CVE-2016-3742, CVE-2016-3743, CVE-2016-3744, CVE-2016-3745, CVE-2016-3746, CVE-2016-3747, CVE-2016-3748, CVE-2016-3749, CVE-2016-3750, CVE-2016-3751, CVE-2016-3752, CVE-2016-3753, CVE-2016-3754, CVE-2016-3755, CVE-2016-3756, CVE-2016-3757, CVE-2016-3758, CVE-2016-3759, CVE-2016-3760, CVE-2016-3761, CVE-2016-3762, CVE-2016-3763, CVE-2016-3764, CVE-2016-3765, CVE-2016-3766, CVE-2016-3767, CVE-2016-3768, CVE-2016-3769, CVE-2016-3770, CVE-2016-3771, CVE-2016-3772, CVE-2016-3773, CVE-2016-3774, CVE-2016-3775, CVE-2016-3792, CVE-2016-3793, CVE-2016-3794-REJECT, CVE-2016-3795, CVE-2016-3796, CVE-2016-3797, CVE-2016-3798, CVE-2016-3799, CVE-2016-3800, CVE-2016-3801, CVE-2016-3802, CVE-2016-3803, CVE-2016-3804, CVE-2016-3805, CVE-2016-3806, CVE-2016-3807, CVE-2016-3808, CVE-2016-3809, CVE-2016-3810, CVE-2016-3811, CVE-2016-3812, CVE-2016-3813, CVE-2016-3814, CVE-2016-3815, CVE-2016-3816, CVE-2016-3818, QuadRooter, VIGILANCE-VUL-20040
Linux kernel: use after free via key_reject_and_link
An attacker can force the usage of a freed memory area via key_reject_and_link of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2016-AVI-267, CERTFR-2016-AVI-278, CERTFR-2016-AVI-329, CERTFR-2017-AVI-034, CERTFR-2017-AVI-053, CVE-2016-4470, DLA-609-1, DSA-3607-1, FEDORA-2016-1c409313f4, FEDORA-2016-63ee0999e4, FEDORA-2016-73a733f4d9, JSA10853, openSUSE-SU-2016:1798-1, openSUSE-SU-2016:2144-1, openSUSE-SU-2016:2184-1, RHSA-2016:1532-02, RHSA-2016:1539-01, RHSA-2016:1541-03, RHSA-2016:1657-01, RHSA-2016:2006-01, RHSA-2016:2074-01, RHSA-2016:2076-01, RHSA-2016:2128-01, RHSA-2016:2133-01, SOL55672042, SUSE-SU-2016:1937-1, SUSE-SU-2016:1985-1, SUSE-SU-2016:2018-1, SUSE-SU-2016:2105-1, SUSE-SU-2016:2245-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0471-1, USN-3049-1, USN-3050-1, USN-3051-1, USN-3052-1, USN-3053-1, USN-3054-1, USN-3055-1, USN-3056-1, USN-3057-1, VIGILANCE-VUL-19912
Linux kernel: memory corruption via eCryptfs
An attacker can generate a memory corruption via eCryptfs of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
836, CERTFR-2016-AVI-199, CERTFR-2016-AVI-267, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, CERTFR-2017-AVI-034, CVE-2016-1583, DLA-516-1, DSA-3607-1, FEDORA-2016-1c409313f4, FEDORA-2016-63ee0999e4, FEDORA-2016-73a733f4d9, JSA10774, JSA10853, openSUSE-SU-2016:1641-1, openSUSE-SU-2016:2144-1, openSUSE-SU-2016:2184-1, RHSA-2016:2124-01, RHSA-2016:2126-01, RHSA-2016:2127-01, RHSA-2016:2766-01, RHSA-2017:2760-01, SUSE-SU-2016:1596-1, SUSE-SU-2016:1672-1, SUSE-SU-2016:1696-1, SUSE-SU-2016:1937-1, SUSE-SU-2016:1985-1, SUSE-SU-2016:2105-1, SUSE-SU-2016:2245-1, SUSE-SU-2017:0333-1, USN-2996-1, USN-2997-1, USN-2998-1, USN-2999-1, USN-3000-1, USN-3001-1, USN-3002-1, USN-3003-1, USN-3004-1, USN-3005-1, USN-3006-1, USN-3007-1, USN-3008-1, VIGILANCE-VUL-19861
expat: unsuitable use of pseudo random number generator
The change that aimed fix VIGILANCE-VUL-11420.introduced a wrong initialisation of the pseudo random number generator...
1990421, 1990658, CERTFR-2018-AVI-288, CVE-2012-6702, DLA-508-1, DSA-3597-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, K65460334, openSUSE-SU-2017:0483-1, SSA:2016-359-01, TNS-2018-08, USN-3010-1, USN-3013-1, VIGILANCE-VUL-19837
Our database contains other pages. You can request a free trial to read them.

Display information about Google Android KitKat: