CVE-2023-21079

In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21067

Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A...

PT-2023-17853 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue concerns the Android kernel. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...

CVE-2023-21072

In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21042

In TBD of TBD, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239873326References: N/...

CVE-2023-21048

In handleEvent of nan.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21070

In addroamcachelist of wlroam.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21062

In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21078

In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21058

In lcsmSendRrAcquiAssist of lcsmbcmassist.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

PT-2023-14130 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to improper input validation in the OEM OnRequest function of sced.cpp, which could lead to shell command execution. This may result in local escalation...

PT-2023-17854 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an incorrect bounds check in the DoSetTempEcc function of imsservice.cpp, which could lead to a possible out of bounds read. This could result in local escalation of privilege, requiring...

CVE-2022-42499

In smsSendMmCpErrMsg of smsMmConManagement.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2023-21047

In ConvertToHalMetadata of aidlutils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...

CVE-2022-42500

In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21071

The CVE-2023-21071 entry affects the Android kernel, specifically the dhd_prot_ioctcmplt_process function in dhd_msgbuf.c. The issue is an out-of-bounds write caused by improper input validation, enabling local escalation of privilege with System execution privileges required. User interaction is...

PT-2023-17838 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a missing bounds check in the handleEvent function of nan.cpp, which could lead to a possible out of bounds read. This may result in local informatio...

PT-2023-17846 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible use after free due to a race condition in the dit hal ioctl function of dit.c. This could lead to local escalation of privilege with System execution privileges needed. User...

PT-2023-17852 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: In the sms GetTpPiIe function of sms PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed...

PT-2023-17848 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: In the ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed...