CVE-2023-21056

In lwisslcbufferfree of lwisdeviceslc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21052

In setToExternal of rilexternalclient.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2023-21060

In smsGetTpPiIe of smsPduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...

CVE-2023-21039

In dumpstateBoard of Dumpstate.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21075

In getsvchash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21078

In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2023-21046

In ConvertToHalMetadata of aidlutils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...

CVE-2023-21055

In dithalioctl of dit.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244301523References:...

CVE-2023-21064

In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

CVE-2023-21054

In EUTRANLCSConvertLCSMOLRReq of LPPCommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2023-21050

In loadpngimage of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2022-42528

In ffamrdprot of sharedmem.c, there is a possible ID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PT-2023-17845 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is caused by a logic error in the code of EUTRAN LCS ConvertLCS MOLRReq in LPP CommonUtil.c, leading to a possible out of bounds write. This could result in remote code execution with System execution...

CVE-2023-21062

In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PT-2023-17842 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an incorrect bounds check in the dwc3 exynos clk get function of dwc3-exynos.c, which could lead to a possible out of bounds write. This may result in local escalation of privilege in the...

PT-2023-17861 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the wl update hidden ap ie function of wl cfgscan.c due to a missing bounds check. This could lead to local escalation of privilege with System execution...

CVE-2023-21059

In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-21054

In EUTRANLCSConvertLCSMOLRReq of LPPCommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2023-21076

In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2023-21057

In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...