3774 matches found
CVE-2022-20567
In pppol2tpcreate of l2tpppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
PT-2022-14779 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a use after free in the extract metadata function of dm-android-verity.c, which could lead to corruption of kernel memory. This might result in local...
CVE-2022-20572
In veritytarget of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
PT-2022-14774 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: A logic error in the code of ap input processor.c functions could allow recording audio during a phone call, leading to local information disclosure. This issue requires User execution privileges and does not need...
CVE-2022-42526
In ConvertUtf8ToUcs2 of radiohalutils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...
PT-2022-14801 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the updateStart function of WirelessCharger.cpp due to a missing bounds check. This could lead to local escalation of privilege with System execution...
CVE-2022-20591
CVE-2022-20591 affects the Android kernel component ppmpu_set in ppmpu.c. The vulnerability is a logic error that can cause information disclosure locally without requiring additional execution privileges, and it does not require user interaction. Several connected sources consistently describe a...
CVE-2022-42534
CVE-2022-42534 affects the Android kernel component, specifically the trusty_ffa_mem_reclaim path in shared-mem-smcall.c. The issue is a privilege-escalation vulnerability caused by improper input validation, enabling local elevation of privilege with no additional execution privileges required, ...
PT-2022-14812 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the SAECOMM SetDcnIdForPlmn function of SAECOMM DbManagement.c due to a missing bounds check. This could lead to remote information disclosure from a single...
CVE-2022-20588
CVE-2022-20588 affects the Android kernel in the sysmmu_map function of sysmmu.c. The issue is a precondition check failure that can enable local elevation of privilege, granting System execution privileges. Exploitation details are not provided in the supplied documents; no user interaction is r...
PT-2022-14789 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write due to improper input validation in the ppmp unprotect mfcfw buf function of drm fw.c. This could lead to local escalation of privilege in S-EL1 with System...
CVE-2022-20578
CVE-2022-20578 : Vulnerability in RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp can cause a stack clash and memory corruption, enabling local privilege escalation with System privileges required. The issue is exploitable locally (no user interaction) and affects Android kernels using...
CVE-2022-20562
In various functions of apinputprocessor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
CVE-2022-42530
In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-20563
In TBD of ufdtconvert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-42504
In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20585
In validoutofspecialsecdramaddr of drmaccesscontrol.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20603
In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20604
In SAECOMMSetDcnIdForPlmn of SAECOMMDbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-42531
In mmumapforfw of gsldfwload.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...