Vulnerabilites related to mi - redmi_6
Vulnerability from fkie_nvd
Published
2018-12-07 09:29
Modified
2024-11-21 03:58
Severity ?
Summary
The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mi | mi_a2_lite_firmware | * | |
| mi | mi_a2_lite | - | |
| mi | redmi_6_firmware | * | |
| mi | redmi_6 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:mi_a2_lite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E210B0C2-2E73-4432-BE7E-538A15A91AA7",
"versionEndIncluding": "2018-08-27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:mi_a2_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F994DA0-1D4B-4DE5-BF56-716C0420380F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A64470D7-FCCF-4AC9-8B63-0089295A0D86",
"versionEndIncluding": "2018-08-27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8693971A-0952-486D-B4A7-31F28F8D2499",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c."
},
{
"lang": "es",
"value": "El controlador de pantalla t\u00e1ctil Goodix GT9xx para Linux Kernels personalizados en Xiaomi daisy-o-oss y daisy-p-oss, tal como se usa en los dispositivos Mi A2 Lite y RedMi6 pro hasta 27/08/2018, tiene una diferencia de puntero NULL en kfree despu\u00e9s de una falla de kmalloc en gtp_read_Color en drivers / input / touchscreen / gt917d / gt9xx.c."
}
],
"id": "CVE-2018-19939",
"lastModified": "2024-11-21T03:58:51.013",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-07T09:29:00.353",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-14 17:15
Modified
2024-11-21 04:28
Severity ?
Summary
The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.kryptowire.com/android-firmware-2019/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kryptowire.com/android-firmware-2019/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mi | redmi_6_firmware | - | |
| mi | redmi_6 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8382ABD-1001-46EF-8DF8-1A4B592AEA0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8693971A-0952-486D-B4A7-31F28F8D2499",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface."
},
{
"lang": "es",
"value": "El dispositivo Xiaomi Redmi 6 Pro Android con una huella digital de compilaci\u00f3n de xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys, contiene una aplicaci\u00f3n preinstalada con un nombre de paquete de aplicaci\u00f3n com.huaqin.factory (versionCode=1, versionName=QL1715_201805292006), que permite a cualquier aplicaci\u00f3n ubicada en el dispositivo deshabilitar y habilitar el Wi-Fi, Bluetooth y GPS mediante programaci\u00f3n sin el permiso de acceso correspondiente por medio de una interfaz exportada."
}
],
"id": "CVE-2019-15340",
"lastModified": "2024-11-21T04:28:29.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-14T17:15:15.350",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.kryptowire.com/android-firmware-2019/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.kryptowire.com/android-firmware-2019/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-07 16:29
Modified
2024-11-21 04:01
Severity ?
Summary
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://sec.xiaomi.com | Broken Link, Vendor Advisory | |
| cve@mitre.org | https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sec.xiaomi.com | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mi | stock_browser | 10.2.4g | |
| mi | redmi_7_firmware | - | |
| mi | redmi_7 | - | |
| mi | redmi_note_7_firmware | - | |
| mi | redmi_note_7 | - | |
| mi | redmi_note_6_pro_firmware | - | |
| mi | redmi_note_6_pro | - | |
| mi | redmi_6_firmware | - | |
| mi | redmi_6 | - | |
| mi | redmi_6a_firmware | - | |
| mi | redmi_6a | - | |
| mi | redmi_s2_firmware | - | |
| mi | redmi_s2 | - | |
| mi | redmi_note_5_pro_firmware | - | |
| mi | redmi_note_5_pro | - | |
| mi | redmi_k20_pro_firmware | - | |
| mi | redmi_k20_pro | - | |
| mi | redmi_k20_firmware | - | |
| mi | redmi_k20 | - | |
| mi | redmi_7a_firmware | - | |
| mi | redmi_7a | - | |
| mi | redmi_go_firmware | - | |
| mi | redmi_go | - | |
| mi | redmi_note_5_firmware | - | |
| mi | redmi_note_5 | - | |
| mi | redmi_y3_firmware | - | |
| mi | redmi_y3 | - | |
| mi | redmi_note_7s_firmware | - | |
| mi | redmi_note_7s | - | |
| mi | redmi_s2_firmware | - | |
| mi | redmi_s2 | - | |
| mi | redmi_4a_firmware | - | |
| mi | redmi_4a | - | |
| mi | redmi_note_4_firmware | - | |
| mi | redmi_note_4 | - | |
| mi | redmi_5_plus_firmware | - | |
| mi | redmi_5_plus | - | |
| mi | redmi_note_5a_prime_firmware | - | |
| mi | redmi_note_5a_prime | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mi:stock_browser:10.2.4g:*:*:*:*:*:*:*",
"matchCriteriaId": "A0DC836E-A962-4696-B765-9DAB9B8D2309",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_7_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8288623-A43F-46F6-9B59-BBCFEC0AC565",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C86BB5D5-B558-454D-AA19-90BDD0DD7EC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_7_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0A059E-F85B-4881-B871-774FD04FF352",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63A02BC-7DB7-4B66-8FAC-CDAB57E54F48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_6_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECA2BF3-67CD-464F-825F-C592D35371D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_6_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55301EB8-B8CB-4751-914E-90215167CC85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8382ABD-1001-46EF-8DF8-1A4B592AEA0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8693971A-0952-486D-B4A7-31F28F8D2499",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_6a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B132ECA-99BD-45B9-8BC1-45D1C4157C9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_6a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3235BB2B-2C1C-471B-84FE-7635E576D841",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_s2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB77822-1E9A-425D-90F5-321073D424B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "860F1BE9-BC38-4D9D-A0C4-DD6FADB0A419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_5_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A08FAE6A-A912-47E2-B52C-2285D0004DF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_5_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D1DED-3D08-453C-ABDC-98592FCEA554",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_k20_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "125A8634-664D-4B27-A9CE-BACC83C26660",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_k20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2AE104-2650-464E-B8DC-3102EB918216",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_k20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72625F6B-126A-45A9-81CA-B55CA82CF857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_k20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7002DB-5EB8-428C-AEFF-4C6EE3724F74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_7a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9452287A-AAF7-4F99-A61C-1F805D1E1718",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_7a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5835E6A-8895-4A9E-9ACC-AA9A0B910A41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_go_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42E47022-5D30-4820-BFA4-C62D79B9DC4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_go:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FE0F2-9D6B-402F-B51C-A397EE487A76",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E692DE1B-5C04-4560-9115-978DED863525",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D5643A-363C-4F44-898C-B2E439A0A498",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_y3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F063F6-32F9-45D1-A71F-7B62DEBDD0DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_y3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31B37973-86E1-4A71-B1EE-350D49A19EF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_7s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC0B996-7930-4812-B2D3-C2C3334EE76A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_7s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7B4FA0-55EC-4C3C-8DC7-2C50852F2E50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_s2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB77822-1E9A-425D-90F5-321073D424B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "860F1BE9-BC38-4D9D-A0C4-DD6FADB0A419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_4a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CAC196F-B4AD-4CBA-AC87-5C9FBBD9B9BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_4a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60C89EAF-C0BB-4A4A-953E-66A4A7164C57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F485578A-F35B-470B-A94C-F641BE4F3F7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA7C241-4382-4C31-A03D-3DBD86A9BE73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_5_plus_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0F1E18-5D74-4730-ADE4-AE4E4B07B373",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_5_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76773FBD-9BFC-4B92-9782-138A72143A08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:redmi_note_5a_prime_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E64584F-0051-49DE-8FA8-6C06A37C3447",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:redmi_note_5a_prime:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24EB39E3-DC22-43FD-8435-47958DBD6B4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user\u0027s cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request."
},
{
"lang": "es",
"value": "Xiaomi stock Browser versi\u00f3n 10.2.4.g en dispositivos Xiaomi Redmi Note 5 Pro y otros tel\u00e9fonos Redmi Android, permite inyecci\u00f3n en el proveedor de contenido. En otras palabras, una aplicaci\u00f3n de terceros puede leer el historial del explorador del usuario en texto sin cifrar mediante una petici\u00f3n app.provider.query content://com.android.browser.searchhistory/searchhistory."
}
],
"id": "CVE-2018-20523",
"lastModified": "2024-11-21T04:01:39.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-07T16:29:00.440",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://sec.xiaomi.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://sec.xiaomi.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2018-19939
Vulnerability from cvelistv5
Published
2018-12-07 09:00
Modified
2024-08-05 11:51
Severity ?
EPSS score ?
Summary
The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:51:17.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T18:02:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972",
"refsource": "MISC",
"url": "https://github.com/MiCode/Xiaomi_Kernel_OpenSource/issues/972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19939",
"datePublished": "2018-12-07T09:00:00",
"dateReserved": "2018-12-07T00:00:00",
"dateUpdated": "2024-08-05T11:51:17.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-20523
Vulnerability from cvelistv5
Published
2019-06-07 15:36
Modified
2024-08-05 12:05
Severity ?
EPSS score ?
Summary
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sec.xiaomi.com | x_refsource_MISC | |
| https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser | x_refsource_MISC | |
| http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:05:17.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sec.xiaomi.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user\u0027s cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-12T17:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sec.xiaomi.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user\u0027s cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sec.xiaomi.com",
"refsource": "MISC",
"url": "https://sec.xiaomi.com"
},
{
"name": "https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser",
"refsource": "MISC",
"url": "https://vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browser"
},
{
"name": "http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20523",
"datePublished": "2019-06-07T15:36:55",
"dateReserved": "2018-12-27T00:00:00",
"dateUpdated": "2024-08-05T12:05:17.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15340
Vulnerability from cvelistv5
Published
2019-11-14 16:24
Modified
2024-08-05 00:42
Severity ?
EPSS score ?
Summary
The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.kryptowire.com/android-firmware-2019/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:42:03.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kryptowire.com/android-firmware-2019/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T16:24:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kryptowire.com/android-firmware-2019/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kryptowire.com/android-firmware-2019/",
"refsource": "MISC",
"url": "https://www.kryptowire.com/android-firmware-2019/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15340",
"datePublished": "2019-11-14T16:24:35",
"dateReserved": "2019-08-22T00:00:00",
"dateUpdated": "2024-08-05T00:42:03.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}