Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
97 lines (89 sloc) 9.3 KB

Open

Closed

  • CVE-2014-4323
  • CVE-2015-4945
  • CVE-2015-5084
  • CVE-2015-4171
  • CVE-2015-3906
  • CVE-2015-1474
  • CVE-2015-1538
  • CVE-2015-1539
  • CVE-2015-3824 Android from 4.0.1 to 5.1.1
  • CVE-2015-3864
  • CVE-2015-3823 Android from 4.0.1 to 5.1.1
  • CVE-2015-0204 all systems, aka FREAK attack
  • CVE-2015-3860 Android 5.x Lockscreen Bypass (utexas.edu)
  • No encryption support anymore [by default it's off] (and not any word if it comes back with Android M) Nexus 6 (common security issue without CVE since Google 'killed' it)
  • Nexus Security Bulletin (October 2015) - All Stagefighter + 2.0 CVE
  • ANDROIDOS_WORMHOLE.HRXA Wormhole in Moplus SDK detected by Trend Micro
  • ZipBug 9950697
  • ZipBug 8219321
  • ZipBug 9695860
  • OpenSSL509 Serialization Bug CVE-2015-3825
  • StumpRoot
  • Jar Bug 13678484 / Android FakeID
  • Remote Code Execution Vulnerability in Mediaserver CVE-2015-6616 (Android 6.0.1)
  • Remote Code Execution Vulnerability in Skia CVE-2015-6617 (Android 6.0.1)
  • Elevation of Privilege in Kernel CVE-2015-6619 (Android 6.0.1)
  • Remote Code Execution Vulnerabilities in Display Driver CVE-2015-6634 & CVE-2015-6633 (Android 6.0.1)
  • Remote Code Execution Vulnerability in Bluetooth CVE-2015-6618 (Android 6.0.1)
  • Elevation of Privilege Vulnerabilities in libstagefright CVE-2015-6620 (Android 6.0.1)
  • Elevation of Privilege Vulnerability in SystemUI CVE-2015-6621 (Android 6.0.1)
  • Elevation of Privilege Vulnerability in Native Frameworks Library CVE-2015-6622 (Android 6.0.1)
  • Elevation of Privilege Vulnerability in Wi-Fi CVE-2015-6623 (Android 6.0.1)
  • Elevation of Privilege Vulnerability in System Server CVE-2015-6624 (Android 6.0.1)
  • Information Disclosure Vulnerabilities in libstagefright CVE-2015-6626 & CVE-2015-6631 & CVE-2015-6632 (Android 6.0.1)
  • Information Disclosure Vulnerability in Audio CVE-2015-6627 (Android 6.0.1)
  • Information Disclosure Vulnerability in Media Framework CVE-2015-6628 (Android 6.0.1)
  • Information Disclosure Vulnerability in Wi-Fi CVE-2015-6629 (Android 6.0.1)
  • Elevation of Privilege Vulnerability in System Server CVE-2015-6625 (Android 6.0.1)
  • Information Disclosure Vulnerability in SystemUI CVE-2015-6630 (Android 6.0.1)
  • CVE-2015-3829 (Android 5.1.1)
  • CVE-2015-3828 (Android 5.1.1)
  • CVE-2015-3827 (Android 5.1.1)
  • CVE-2015-3829, P0012, Google Stagefright ‘covr’ MP4 Atom Integer Overflow Remote Code Execution (Android 5.1.1)
  • CVE-2015-3824, P0011, Google Stagefright ‘tx3g’ MP4 Atom Integer Overflow Remote Code Execution (Android 5.1.1)
  • CVE-2015-3828, P0010, Google Stagefright 3GPP Integer Underflow Remote Code Execution (Android 5.1.1)
  • CVE-2015-3826, P0009, Google Stagefright 3GPP Metadata Buffer Overread (Android 5.1.1)
  • CVE-2015-3827, P0008, Google Stagefright ‘covr’ MP4 Atom Integer Underflow Remote Code Execution (Android 5.1.1)
  • CVE-2015-1539, P0007, Google Stagefright ‘esds’ MP4 Atom Integer Underflow Remote Code Execution (Android 5.1.1)
  • CVE-2015-1538, P0004, Google Stagefright ‘stss’ MP4 Atom Integer Overflow Remote Code Execution (Android 5.1.1)
  • Bypassing the Linux kernel for high-performance packet filtering (cloudflare) - affects Linux and Android (Android 5.x)
  • Kernel CVE-2013-2597
  • CVE-2013-6282 from 2013 which was fixed 2015
  • CVE-2015-8505 (Android 5.1)
  • CVE-2015-8074 (Android 5.1)
  • CVE-2015-8073 mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X
  • [CVE-2015-0864] & CVE-2015-0863
  • CVE-2014-6041
  • Android Full Disk Encryption Cold Boot Attack (2012) (fixed since Android 5)

Rolling out to manufacturers and carriers

You can’t perform that action at this time.