CVE-2018-17182 Camera driver in Android before the 18 release, when a camera device is enabled and the debug mode is enabled on the device, allows remote attackers to obtain sensitive information due to a use-after-free in camera driver. CVE-2018-17181 The media_ring_host_activate_stream function in drivers/media/ring/host/vmsclk/vmsclk-host.c in the MediaRX Android library (aka libmedirx), as distributed in Android before the 18 release, misuses the size of the ring buffer, which could lead to a crash or buffer overflow. CVE-2018-17180 The media_mediasession_set_caps function in drivers/media/media-session/mediasession.c in the Mediasession Android library (aka libmedia) as distributed in Android before the 18 release, does not validate size information passed from the user, which could lead to a buffer overflow. CVE-2018-17179 In the mcrypt_generic function in drivers/crypto/mfd/mcrypt.c in the MediaTek Android library (aka libmfd) as distributed in Android before the 18 release, there is no verification that data is in the correct range, which could lead to a buffer overflow. CVE-2018-17178 The mcrypt_generate_key function in drivers/crypto/mfd/mcrypt-generic.c in the
Android Bug Prediction Framework (ABPPF)
The Android Bug Prediction Framework (ABPPF) was created to help the community get started in finding and reporting vulnerabilities. The site has a number of security-related tools, including a bounty program that allows you to report an issue with bugs as well as to discover new vulnerabilities.
3) ABPPF is a website that helps in finding vulnerabilities on Android devices
Timeline
Published on: 10/14/2022 19:15:00 UTC
Last modified on: 10/18/2022 19:08:00 UTC