3774 matches found
CVE-2022-20132
In lgprobe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User...
PT-2022-14412 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a missing permission check in the handle ramdump function of pixel loader.c, which could allow the creation of a ramdump of non-secure memory. This may lead to local information disclosure,...
PT-2022-14405 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: In the auth store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with...
PT-2022-14399 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue concerns the Android kernel. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
PT-2022-14457
Name of the Vulnerable Software and Affected Versions Android kernel Description The issue is related to a possible out of bounds write due to an incorrect bounds check in the param find digests internal and related functions of the Titan-M source. This could lead to local escalation of privilege...
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2080-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2080-1 advisory. - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a...
SUSE SLES15 Security Update : kernel (Live Patch 18 for SLE 15 SP3) (SUSE-SU-2022:1989-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1989-1 advisory. - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in the Kernel components Kernel in Google Android. There is no information about this vulnerability yet, please stay tuned to CNNVD or the vendor's announcement...
PT-2022-4763 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the kbase mem alias function of mali kbase mem linux.c, which could lead to arbitrary code execution and local escalation of privilege without requiring addition...
The vulnerability of the Android operating system’s kernel, which allows a hacker to disclose protected information
The vulnerability of the Android operating system’s kernel is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a hacker to execute arbitrary code...
PT-2022-6287 · Google +1 · Android Kernel +1
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a use after free condition that could corrupt kernel memory, potentially leading to local escalation of privilege without requiring additional execution privileges. User interaction is not...
The vulnerability of the Android operating system’s kernel loader, allowing a hacker to execute arbitrary code
The vulnerability of the Android operating system’s kernel loader is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2022-20121
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20117
In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20118
In ionioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2022-20118
In ionioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2022-20120
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A...
Race condition
In ionioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
Code injection
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A...
Information disclosure
In privatehandlet of maligrallocbuffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...