CVE-2023-21044

In init of VendorGraphicBufferMeta, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21043

In TBD of TBD, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239872581References: N/...

CVE-2023-21076

In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-42498

In Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21050

In loadpngimage of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

PT-2023-17864 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the dhd prot ioctcmplt process function of dhd msgbuf.c due to improper input validation. This could lead to local escalation of privilege, requiring System...

PT-2023-14128 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a missing bounds check in Pixel cellular firmware, which could lead to an out of bounds write. This might result in remote code execution without requiring additional execution privileges...

PT-2023-17850 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the EUTRAN LCS DecodeFacilityInformationElement function of LPP LcsManagement.c. This could lead to remote information disclosure without requiring additiona...

CVE-2023-21051

In dwc3exynosclkget of dwc3-exynos.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

PT-2023-17843 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a missing bounds check in the setToExternal function of ril external client.cpp, which could lead to a possible out of bounds write. This might result in local escalation of privilege,...

CVE-2023-21076

CVE-2023-21076 involves a possible out-of-bounds write due to a heap buffer overflow in the function createTransmitFollowupRequest within nan.cpp. The underlying issue is a heap buffer overflow that could enable a local escalation of privilege with System execution privileges required. Exploitati...

PT-2023-17867 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write due to a heap buffer overflow in the get svc hash function of nan.cpp. This could lead to local escalation of privilege with System execution privileges needed...

CVE-2023-21075

CVE-2023-21075 affects the Android kernel; the vulnerability is in get_svc_hash inside nan.cpp, caused by an out-of-bounds write due to a heap buffer overflow. The impact is local elevation of privilege with System-level execution privileges required; exploitation is possible without user interac...

CVE-2023-21059

CVE-2023-21059 affects the Android kernel: in EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a missing bounds check causing an out-of-bounds read. This can enable remote information disclosure without privileges and without user interaction. Affected component: Andro...

CVE-2023-21041

In appendtoparams of paramutil.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2023-21049

In appendcamerametadata of camerametadata.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2023-21036

In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A...

CVE-2023-21047

In ConvertToHalMetadata of aidlutils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...

CVE-2023-21079

In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21045

When cpif handles probe failures, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...