CVE-2023-21148

In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...

PT-2023-18006 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue involves the possible use of unencrypted transport over cellular networks due to an insecure default value, which could lead to remote information disclosure without requiring additional execution...

PT-2023-17948 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read due to a missing null check in the BuildSetRadioNode of protocolmiscbuilder.cpp. This could lead to local information disclosure with no additional execution...

CVE-2023-21147

CVE-2023-21147 (Android kernel) involves a use-after-free in lwis_i2c_device_disable within lwis_device_i2c.c. The underlying logic error can lead to local elevation of privilege with no extra execution privileges required, and exploitation is described as local with no user interaction. Multiple...

PT-2023-17943 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the handle set parameters ctrl function of hal socket.c due to an incorrect bounds check. This could lead to local information disclosure, requiring System...

CVE-2023-21157

In encode of wlandata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21147

In lwisi2cdevicedisable of lwisdevicei2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

CVE-2023-21066

In cdCodeMsg of cdcodec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PT-2023-18010 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a heap buffer overflow in the ss ProcessReturnResultComponent function of ss MmConManagement.c, which could lead to a possible out of bounds read. This might result in remote information...

PT-2023-17940 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible use-after-free UAF due to a logic error in the lwis i2c device disable function of lwis device i2c.c. This could lead to local escalation of privilege with no additional execution...

PT-2023-17942 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android kernel Description: The issue is related to a missing permission check in the registerGsmaServiceIntentReceiver function of ShannonRcsService.java. This could allow for the activation or deactivation of the RCS servic...

PT-2023-17947 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the StoreAdbSerialNumber of protocolmiscbuilder.cpp due to a missing bounds check. This could lead to local information disclosure with System execution...

PT-2023-17952 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the Parse of simdata.cpp due to a missing bounds check. This could lead to local escalation of privilege, with System execution privileges needed. User...

PT-2023-18022 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the aoc service set read blocked function of aoc.c due to a missing bounds check. This could lead to local escalation of privilege, requiring System executi...

PT-2023-17953 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a heap buffer overflow in the BuildSetTcsFci function of protocolmiscbuilder.cpp, which could lead to a possible out of bounds read. This may result in local information disclosure without...

PT-2023-17944 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a heap buffer overflow in the Google BMS kernel module, which could lead to a local escalation of privilege. System execution privileges are needed for exploitation, and user interaction is...

CVE-2023-21223

In LPPConvertGNSSDataBitAssistance of LPPCommonUtil.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2023-21219

there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...

PT-2023-18007 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue involves the possible use of unencrypted transport over cellular networks due to an insecure default value, potentially leading to remote information disclosure without requiring additional execution...

CVE-2023-21220

there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...