3774 matches found
Race condition
In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...
Out-of-bounds
In bpfprogtestrunskb of testrun.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-39698
CVE-2021-39698 affects the Android kernel. In aio_poll_complete_work() in aio.c there is a use-after-free that can corrupt memory, potentially enabling local privilege escalation with no extra execution privileges required and no user interaction. The advisory notes the impact as local escalation...
CVE-2021-39698
In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-39686
In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39686
In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39685
In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39685
In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39793
In kbasejduserbufpinpages of malikbasemem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2021-39793
In kbasejduserbufpinpages of malikbasemem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2021-39792
In usbgadgetgivebackrequest of core.c, there is a possible use after free out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2021-39792
CVE-2021-39792 concerns the Android kernel, specifically the function usb_gadget_giveback_request in core.c. It describes a race condition that can cause a use-after-free and an out-of-bounds read, potentially leading to local information disclosure with SYSTEM privileges required. No user intera...
CVE-2021-39735
In gasketalloccoherentmemory of gasketpagetable.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...
CVE-2021-39733
CVE-2021-39733 affects the Android kernel audio path (audiometrics.c) via amcs_cdev_unlocked_ioctl. The vulnerability is a possible out-of-bounds write caused by improper input validation, which could enable local elevation of privilege to SYSTEM if exploited. Exploitation is described as local w...
CVE-2021-39733
In amcscdevunlockedioctl of audiometrics.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2021-39731
In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-39729
In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-39729
The CVE-2021-39729 issue affects the TitanM chip in Android, caused by a missing bounds check that enables an out-of-bounds write. This can lead to local privilege escalation with System execution privileges required, and exploitation does not require user interaction. Documents consistently desc...
CVE-2021-39727
In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...
CVE-2021-39725
In gasketfreecoherentmemoryall of gasketpagetable.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...