3774 matches found
PT-2022-14795 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the valid va secbuf check function of drm access control.c. This could lead to local information disclosure, requiring System execution privileges for...
PT-2022-14805 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an integer overflow in the sec media protect function of media.c, which could lead to a local escalation of privilege in secure mode MFC Core. No additional execution privileges are needed,...
CVE-2022-42531
CVE-2022-42531 affects the Android kernel component gs_ldfw_load.c, specifically the mmu_map_for_fw path. The issue is described as a mitigation bypass due to Permissive Memory Allocation, enabling local elevation of privilege without additional execution privileges or user interaction. The vulne...
PT-2022-14788 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the ppmp unprotect mfcfw buf function of drm fw.c due to improper input validation. This could lead to local escalation of privilege with no additional...
CVE-2022-20605
In SAECOMMCopyBufferBytes of SAECOMMUtility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...
CVE-2022-20589
In validvasecbufcheck of drmaccesscontrol.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-20584
In pagenumber of sharedmem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20564
In ufdtoutputstrtabtofdt of ufdtconvert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20590
In validvasecmfccheck of drmaccesscontrol.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...
CVE-2022-20579
In RadioImpl::setCdmaBroadcastConfig of rilservicelegacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20587
In ppmpvalidatewsm of drmfw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-42518
In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20574
In secsysmmuinfo of drmfw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-20601
Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A...
PT-2022-14783 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write due to a missing bounds check in OemSimAuthRequest::encode of wlandata.cpp. This could lead to local escalation of privilege with System execution privileges...
PT-2022-14778 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue concerns the Android kernel. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
PT-2022-14773 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: In the aud hal tunnel.c file, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2022-20583
CVE-2022-20583 affects the Android kernel DRM firmware path: in function ppmp_unprotect_mfcfw_buf there is an out-of-bounds write due to improper input validation. This could enable local escalation of privilege in S-EL1 with System privileges granted, and exploitation is described as not requiri...
PT-2022-26469 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the CallDialReqData::encode function of callreqdata.cpp due to a missing bounds check. This could lead to local escalation of privilege with System executio...
CVE-2022-20610
CVE-2022-20610 : In Android Pixel devices, a vulnerability in the cellular modem firmware (Pixel cellular modem) enables a possible out-of-bounds read due to a missing bounds check, which could allow remote code execution. Exploitation is network-based with no user interaction required; LTE authe...