Known Vulnerabilities
CVE-2018-5852
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
CVE-2017-18307
Information disclosure possible while audio playback.
CVE-2017-18306
Information disclosure due to uninitialized variable.
CVE-2018-11952
An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
CVE-2017-17772
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
CVE-2017-15832
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
CVE-2017-11076
On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
CVE-2016-10394
Initial xbl_sec revision does not have all the debug policy features and critical checks.
CVE-2017-9711
Certain unprivileged processes are able to perform IOCTL calls.