The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Google Android Lollipop

Linux kernel: integer overflow of SCSI sg_start_req
A local attacker can generate an integer overflow in the SCSI driver of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2015-AVI-331, CERTFR-2015-AVI-369, CERTFR-2015-AVI-372, CERTFR-2015-AVI-411, CERTFR-2015-AVI-417, CERTFR-2016-AVI-073, CERTFR-2016-AVI-103, CVE-2015-5707, DSA-3329-1, openSUSE-SU-2015:1842-1, openSUSE-SU-2016:0301-1, SOL17475, SUSE-SU-2015:1478-1, SUSE-SU-2015:1592-1, SUSE-SU-2015:1611-1, SUSE-SU-2015:2084-1, SUSE-SU-2015:2085-1, SUSE-SU-2015:2086-1, SUSE-SU-2015:2087-1, SUSE-SU-2015:2089-1, SUSE-SU-2015:2090-1, SUSE-SU-2015:2091-1, SUSE-SU-2016:0585-1, SUSE-SU-2016:0785-1, USN-2733-1, USN-2734-1, USN-2737-1, USN-2738-1, USN-2750-1, USN-2759-1, USN-2760-1, VIGILANCE-VUL-17576
Linux kernel: use after free via path_openat
A local attacker can force the usage of a freed memory area in the path_openat() function of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
940339, CERTFR-2015-AVI-331, CVE-2015-5706, DSA-3329-1, VIGILANCE-VUL-17575
Google Android OS: integer overflow of mediaserver via MKV
An attacker can invite the victim to see a web site containing a malicious MKV video, in order to trigger a denial of service of mediaserver on Google Android OS, ...
ANDROID-21296336, VIGILANCE-VUL-17542
Google Android OS: seven vulnerabilities of Stagefright
An attacker can send a malicious MMS to the number of an Android phone owner, in order to run code...
ANDROID-21336907, AVKB230, CERTFR-2015-ALE-010, CVE-2015-1538, CVE-2015-1539, CVE-2015-3824, CVE-2015-3826, CVE-2015-3827, CVE-2015-3828, CVE-2015-3829, VIGILANCE-VUL-17512, VU#924951
Expat: integer overflow of XML
An attacker can generate an integer overflow in the XML parser of Expat, in order to trigger a denial of service, and possibly to run code...
1964428, 1965444, 1967199, 1969062, 1990421, 1990658, bulletinjul2016, CVE-2015-1283, DSA-3318-1, FreeBSD-SA-15:20.expat, JSA10904, K15104541, openSUSE-SU-2016:1441-1, openSUSE-SU-2016:1523-1, SOL15104541, SSA:2016-359-01, SUSE-SU-2016:1508-1, SUSE-SU-2016:1512-1, USN-2726-1, USN-3013-1, VIGILANCE-VUL-17498
Android: file creation via ADB
An attacker can bypass access restrictions of ADB of Android, in order for example to create a Trojan horse...
VIGILANCE-VUL-17353
Linux kernel: denial of service via UDP
An attacker can flood a Linux host with UDP packet with wrong checksum, in order to trigger a denial of service...
CERTFR-2015-AVI-311, CERTFR-2015-AVI-318, CERTFR-2015-AVI-331, CERTFR-2015-AVI-352, CERTFR-2015-AVI-357, CERTFR-2015-AVI-391, CERTFR-2017-AVI-012, CVE-2015-5364, CVE-2015-5366, DSA-3313-1, DSA-3329-1, JSA10770, K17307, K17309, openSUSE-SU-2015:1382-1, openSUSE-SU-2016:0301-1, PAN-SA-2016-0025, RHSA-2015:1623-01, RHSA-2015:1778-01, RHSA-2015:1787-01, RHSA-2015:1788-01, RHSA-2016:0045-01, RHSA-2016:1096-01, RHSA-2016:1100-01, RHSA-2016:1225-01, SOL17307, SOL17309, SUSE-SU-2015:1224-1, SUSE-SU-2015:1324-1, SUSE-SU-2015:1478-1, SUSE-SU-2015:1592-1, SUSE-SU-2015:1611-1, USN-2678-1, USN-2680-1, USN-2681-1, USN-2682-1, USN-2683-1, USN-2684-1, USN-2685-1, USN-2713-1, USN-2714-1, VIGILANCE-VUL-17284
Linux kernel: information disclosure via UDF
A local attacker can mount a malicious UDF filesystem on Linux, in order to obtain sensitive information from the kernel memory...
CERTFR-2015-AVI-357, CVE-2014-9731, openSUSE-SU-2015:1382-1, openSUSE-SU-2016:0301-1, SUSE-SU-2015:1224-1, SUSE-SU-2015:1324-1, SUSE-SU-2015:1592-1, SUSE-SU-2015:1611-1, VIGILANCE-VUL-17056
Linux kernel: memory corruption via pipe_iov_copy
A local attacker can generate a memory corruption in pipe_iov_copy functions of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
1202855, CERTFR-2015-AVI-243, CERTFR-2015-AVI-261, CERTFR-2015-AVI-263, CERTFR-2015-AVI-318, CVE-2015-1805, DSA-3290-1, JSA10853, RHSA-2015:1042-01, RHSA-2015:1081-01, RHSA-2015:1082-01, RHSA-2015:1120-01, RHSA-2015:1137-01, RHSA-2015:1138-01, RHSA-2015:1139-01, RHSA-2015:1190-01, RHSA-2015:1199-01, RHSA-2015:1211-01, RHSA-2016:0103-01, SOL17458, SOL17462, SUSE-SU-2015:1224-1, SUSE-SU-2015:1324-1, SUSE-SU-2015:1478-1, SUSE-SU-2015:1592-1, SUSE-SU-2015:1611-1, USN-2678-1, USN-2679-1, USN-2680-1, USN-2681-1, VIGILANCE-VUL-17038
Linux kernel: use after free via ping_unhash
A local attacker can force the usage of a freed memory area in ping_unhash() of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
CERTFR-2015-AVI-254, CERTFR-2015-AVI-261, CERTFR-2015-AVI-328, CERTFR-2015-AVI-357, CVE-2015-3636, DSA-3290-1, FEDORA-2015-7736, FEDORA-2015-8518, K17246, openSUSE-SU-2015:1382-1, openSUSE-SU-2016:0301-1, RHSA-2015:1221-01, RHSA-2015:1534-01, RHSA-2015:1564-01, RHSA-2015:1565-01, RHSA-2015:1583-01, RHSA-2015:1643-01, SOL17246, SUSE-SU-2015:1071-1, SUSE-SU-2015:1224-1, SUSE-SU-2015:1376-1, SUSE-SU-2015:1478-1, USN-2631-1, USN-2632-1, USN-2633-1, USN-2634-1, USN-2635-1, USN-2636-1, USN-2637-1, USN-2638-1, VIGILANCE-VUL-16801
Our database contains other pages. You can request a free trial to read them.

Display information about Google Android Lollipop: