By year - Android Vulnerabilities

CVE numbers: CVE-2009-2692 [vulmon]
Coordinated disclosure?: false
Categories: kernel
Details: A vulnerability in the kernel allows local users to gain privileges due to function pointers not being initialised. [vulmon] According to one source, Android versions up to 3.2.6 are vulnerable [android-paper]
Discovered by: Tavis Ormandy and Julien Tinnes [cr0][archived] on: Unknown
Reported on: 2009-08-13 [cr0][archived]
Fixed on: 2009-08-13 [linux-commit]
Fix released on: Unknown
Affected versions: Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4 [cve-mitre-sock-sendpage], Android up to 2.1 [cve-mitre-sock-sendpage] regex: (1.[0-9].[0-9])|(2.[0-1].[0-9])
Affected devices: all [citation-needed]
Affected manufacturers: all [citation-needed]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-03

CVE numbers:
Coordinated disclosure?: false
Categories: signature
Details: Ability to modify a signed OTA recovery package due to an error in the signature verifier [hackers-handbook]
Discovered by: Christopher Lais (Zinx) [hackers-handbook] on: Unknown
Reported on: 2009-12-11 [volez-zen-thought][archived]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: 2.0-2.0.1 [android-paper] regex: 2.0.[0-1]
Affected devices: Motorola Droid [android-paper]
Affected manufacturers: Motorola [android-paper]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-06-28