Recent CVEs
CVE-2014-9979
In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.
CVE-2014-9973
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.
CVE-2014-9963
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM.
CVE-2014-9967
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
CVE-2014-9965
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call.
CVE-2014-9949
In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist.
CVE-2014-9952
In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.
CVE-2014-9942
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist.
CVE-2014-9933
Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access.
CVE-2014-9931
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.