Back to all manufacturers

NVIDIA

NVIDIA is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

CVE-2016-2434

(json)

• CVE numbers: CVE-2016-2434 [Bulletin-CVE-2016-2434]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in NVIDIA Video Driver
• Details: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090. [NIST-CVE-2016-2434]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2016-2434]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-2434]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2435

(json)

• CVE numbers: CVE-2016-2435 [Bulletin-CVE-2016-2435]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in NVIDIA Video Driver
• Details: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988. [NIST-CVE-2016-2435]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2016-2435]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-2435]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2436

(json)

• CVE numbers: CVE-2016-2436 [Bulletin-CVE-2016-2436]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in NVIDIA Video Driver
• Details: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111. [NIST-CVE-2016-2436]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2016-2436]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-2436]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2437

(json)

• CVE numbers: CVE-2016-2437 [Bulletin-CVE-2016-2437]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in NVIDIA Video Driver
• Details: The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822. [NIST-CVE-2016-2437]
• Discovered by: on: Unknown
• Reported on: 2016-05-01 [Bulletin-CVE-2016-2437]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-2437]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3769

(json)

• CVE numbers: CVE-2016-3769 [Bulletin-CVE-2016-3769]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA video driver
• Details: The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28376656. [NIST-CVE-2016-3769]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-3769]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-3769]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6730

(json)

• CVE numbers: CVE-2016-6730 [Bulletin-CVE-2016-6730]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30904789. References: NVIDIA N-CVE-2016-6730. [NIST-CVE-2016-6730]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6730]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6730]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6731

(json)

• CVE numbers: CVE-2016-6731 [Bulletin-CVE-2016-6731]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906023. References: NVIDIA N-CVE-2016-6731. [NIST-CVE-2016-6731]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6731]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6731]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6732

(json)

• CVE numbers: CVE-2016-6732 [Bulletin-CVE-2016-6732]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906599. References: NVIDIA N-CVE-2016-6732. [NIST-CVE-2016-6732]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6732]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6732]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6733

(json)

• CVE numbers: CVE-2016-6733 [Bulletin-CVE-2016-6733]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906694. References: NVIDIA N-CVE-2016-6733. [NIST-CVE-2016-6733]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6733]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6733]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6734

(json)

• CVE numbers: CVE-2016-6734 [Bulletin-CVE-2016-6734]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30907120. References: NVIDIA N-CVE-2016-6734. [NIST-CVE-2016-6734]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6734]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6734]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6735

(json)

• CVE numbers: CVE-2016-6735 [Bulletin-CVE-2016-6735]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30907701. References: NVIDIA N-CVE-2016-6735. [NIST-CVE-2016-6735]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6735]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6735]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6736

(json)

• CVE numbers: CVE-2016-6736 [Bulletin-CVE-2016-6736]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30953284. References: NVIDIA N-CVE-2016-6736. [NIST-CVE-2016-6736]
• Discovered by: on: Unknown
• Reported on: 2016-11-01 [Bulletin-CVE-2016-6736]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6736]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6775

(json)

• CVE numbers: CVE-2016-6775 [Bulletin-CVE-2016-6775]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31222873. References: N-CVE-2016-6775. [NIST-CVE-2016-6775]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-6775]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6775]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6776

(json)

• CVE numbers: CVE-2016-6776 [Bulletin-CVE-2016-6776]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31680980. References: N-CVE-2016-6776. [NIST-CVE-2016-6776]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-6776]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6776]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6777

(json)

• CVE numbers: CVE-2016-6777 [Bulletin-CVE-2016-6777]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777. [NIST-CVE-2016-6777]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-6777]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6777]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6915

(json)

• CVE numbers: CVE-2016-6915 [Bulletin-CVE-2016-6915]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA video driver
• Details: Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. [NIST-CVE-2016-6915]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-6915]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6915]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6916

(json)

• CVE numbers: CVE-2016-6916 [Bulletin-CVE-2016-6916]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA video driver
• Details: Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow. [NIST-CVE-2016-6916]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-6916]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6916]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-6917

(json)

• CVE numbers: CVE-2016-6917 [Bulletin-CVE-2016-6917]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA video driver
• Details: Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. [NIST-CVE-2016-6917]
• Discovered by: on: Unknown
• Reported on: 2016-12-01 [Bulletin-CVE-2016-6917]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-6917]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-8424

(json)

• CVE numbers: CVE-2016-8424 [Bulletin-CVE-2016-8424]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31606947. References: N-CVE-2016-8424. [NIST-CVE-2016-8424]
• Discovered by: Peter Pi (@heisecode) of Trend Micro [Discovery-CVE-2016-8424] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8424]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8424]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8425

(json)

• CVE numbers: CVE-2016-8425 [Bulletin-CVE-2016-8425]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31797770. References: N-CVE-2016-8425. [NIST-CVE-2016-8425]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8425] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8425]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8425]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8426

(json)

• CVE numbers: CVE-2016-8426 [Bulletin-CVE-2016-8426]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799206. References: N-CVE-2016-8426. [NIST-CVE-2016-8426]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8426] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8426]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8426]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8427

(json)

• CVE numbers: CVE-2016-8427 [Bulletin-CVE-2016-8427]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799885. References: N-CVE-2016-8427. [NIST-CVE-2016-8427]
• Discovered by: Di Shen (@returnsme) of KeenLab (@keen_lab), Tencent [Discovery-CVE-2016-8427] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8427]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8427]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8428

(json)

• CVE numbers: CVE-2016-8428 [Bulletin-CVE-2016-8428]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31993456. References: N-CVE-2016-8428. [NIST-CVE-2016-8428]
• Discovered by: Peter Pi (@heisecode) of Trend Micro [Discovery-CVE-2016-8428] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8428]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8428]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8429

(json)

• CVE numbers: CVE-2016-8429 [Bulletin-CVE-2016-8429]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429. [NIST-CVE-2016-8429]
• Discovered by: Peter Pi (@heisecode) of Trend Micro [Discovery-CVE-2016-8429] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8429]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8429]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8430

(json)

• CVE numbers: CVE-2016-8430 [Bulletin-CVE-2016-8430]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32225180. References: N-CVE-2016-8430. [NIST-CVE-2016-8430]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8430] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8430]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8430]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8431

(json)

• CVE numbers: CVE-2016-8431 [Bulletin-CVE-2016-8431]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32402179. References: N-CVE-2016-8431. [NIST-CVE-2016-8431]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8431] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8431]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8431]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8432

(json)

• CVE numbers: CVE-2016-8432 [Bulletin-CVE-2016-8432]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. References: N-CVE-2016-8432. [NIST-CVE-2016-8432]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8432] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8432]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8432]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8435

(json)

• CVE numbers: CVE-2016-8435 [Bulletin-CVE-2016-8435]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32700935. References: N-CVE-2016-8435. [NIST-CVE-2016-8435]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8435] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8435]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8435]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-8482

(json)

• CVE numbers: CVE-2016-8482 [Bulletin-CVE-2016-8482]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482. [NIST-CVE-2016-8482]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8482] on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8482]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2016-8482]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0428

(json)

• CVE numbers: CVE-2017-0428 [Bulletin-CVE-2017-0428]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32401526. References: N-CVE-2017-0428. [NIST-CVE-2017-0428]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2017-0428] on: Unknown
• Reported on: 2017-02-01 [Bulletin-CVE-2017-0428]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0428]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0429

(json)

• CVE numbers: CVE-2017-0429 [Bulletin-CVE-2017-0429]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32636619. References: N-CVE-2017-0429. [NIST-CVE-2017-0429]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2017-0429] on: Unknown
• Reported on: 2017-02-01 [Bulletin-CVE-2017-0429]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0429]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0306

(json)

• CVE numbers: CVE-2017-0306 [Bulletin-CVE-2017-0306]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306. [NIST-CVE-2017-0306]
• Discovered by: Nathan Crandall (@natecray) of Tesla Motors Product Security Team [Discovery-CVE-2017-0306] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0306]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0306]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0333

(json)

• CVE numbers: CVE-2017-0333 [Bulletin-CVE-2017-0333]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33899363. References: N-CVE-2017-0333. [NIST-CVE-2017-0333]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2017-0333] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0333]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0333]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0335

(json)

• CVE numbers: CVE-2017-0335 [Bulletin-CVE-2017-0335]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33043375. References: N-CVE-2017-0335. [NIST-CVE-2017-0335]
• Discovered by: Billy Lau of Android Security [Discovery-CVE-2017-0335] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0335]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0335]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0337

(json)

• CVE numbers: CVE-2017-0337 [Bulletin-CVE-2017-0337]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-31992762. References: N-CVE-2017-0337. [NIST-CVE-2017-0337]
• Discovered by: Qidan He (何淇丹) (@flanker_hqd) of KeenLab, Tencent (腾讯科恩实验室) [Discovery-CVE-2017-0337] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0337]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0337]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0338

(json)

• CVE numbers: CVE-2017-0338 [Bulletin-CVE-2017-0338]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA GPU driver
• Details: An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33057977. References: N-CVE-2017-0338. [NIST-CVE-2017-0338]
• Discovered by: Billy Lau of Android Security [Discovery-CVE-2017-0338] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2017-0338]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0338]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-0331

(json)

• CVE numbers: CVE-2017-0331 [Bulletin-CVE-2017-0331]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in NVIDIA video driver
• Details: An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. References: N-CVE-2017-0331. [NIST-CVE-2017-0331]
• Discovered by: Nathan Crandall (@natecray) of Tesla Motors Product Security Team [Discovery-CVE-2017-0331] on: Unknown
• Reported on: 2017-05-01 [Bulletin-CVE-2017-0331]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-0331]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2017-6289

(json)

• CVE numbers: CVE-2017-6289 [Bulletin-CVE-2017-6289]
• Coordinated disclosure?: unknown
• Categories: NVIDIA components
• Details: In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as critical. Android: A-72830049. Reference: N-CVE-2017-6289. [NIST-CVE-2017-6289]
• Discovered by: on: Unknown
• Reported on: 2018-05-01 [Bulletin-CVE-2017-6289]
• Fixed on: Unknown
• Fix released on: 2018-05-05 [Bulletin-CVE-2017-6289]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2017-6289]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-25

CVE-2018-6271

(json)

• CVE numbers: CVE-2018-6271 [Bulletin-CVE-2018-6271]
• Coordinated disclosure?: unknown
• Categories: NVIDIA components
• Details: NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474. [NIST-CVE-2018-6271]
• Discovered by: Hongli Han (@hexb1n) and Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team [Discovery-CVE-2018-6271] on: Unknown
• Reported on: 2019-02-01 [Bulletin-CVE-2018-6271]
• Fixed on: Unknown
• Fix released on: 2019-02-05 [Bulletin-CVE-2018-6271]
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: NVIDIA [Bulletin-CVE-2018-6271]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-24