3774 matches found
Information disclosure
In handleramdump of pixelloader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20153
In rcucblistdequeue of rcusegcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
Out-of-bounds
In asn1p256int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Out-of-bounds
In exynossecEnvinit of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
Out-of-bounds
In authstore of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2022-20233
In paramfinddigestsinternal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20179
Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A...
CVE-2022-20178
In ioctldpmqosupdate and ioctleventcontrolset of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20176
CVE-2022-20176 affects the Android kernel, specifically the sjtag-driver.c module in the auth_store path. The root cause is a missing bounds check that allows a read of uninitialized memory. This can lead to a local information disclosure and, per the description, may enable system-level executio...
CVE-2022-20172
CVE-2022-20172 concerns the Android kernel component ShannonRcsService.java, where the onbind method lacks a necessary permission check. This can enable local information disclosure without requiring additional execution privileges or user interaction, per multiple sources. Affected context is de...
CVE-2022-20172
In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20171
Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A...
CVE-2022-20170
CVE-2022-20170 affects Google Pixel modem/Kernel stack (Pixel modem) and enables a remote code execution via a zero-click attack that could downgrade the device to 2G and seize control of the handset. Publicly documented as a critical, network-exposed vulnerability (CVSS v3.1 score 9.8). Google p...
CVE-2022-20168
Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A...
CVE-2022-20166
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...
CVE-2022-20166
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...
CVE-2022-20165
In asn1parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-20164
Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A...
CVE-2022-20164
CVE-2022-20164 is listed in the Pixel security bulletin as an Elevation of Privilege (EoP) affecting the Modem component, tied to the Android kernel. The connected Pixel bulletin entry confirms the issue is categorized as EoP for Modem with no public exploit details provided in the documents. The...
CVE-2022-20156
CVE-2022-20156 is an elevation-of-privilege vulnerability in Android’s graphics path: specifically, an issue in the unflatten path of GraphicBuffer.cpp that allows arbitrary code execution via improper input validation. Exploitation is local and does not require user interaction. The impact is st...