PT-2022-25955 · Unknown · Hw Keymaster

Name of the Vulnerable Software and Affected Versions: HW KEYMASTER affected versions not specified Description: The issue is related to the HW KEYMASTER module not verifying the data it reads. This could potentially allow for malicious construction of data, leading to out-of-bounds access...

CVE-2021-46839

The HWKEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access...

Huawei HarmonyOS 缓冲区错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer error vulnerability exists in Huawei HarmonyOS versions prior to 2.0, which stems from a lack of length checking vulnerability in the HWKEYMASTER...

Huawei HarmonyOS 缓冲区错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a lack of checksums on reads in the HWKEYMASTER module...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS version 2.0 is vulnerable to an input validation error that stems from a lack of checksum on read content in the HWKEYMASTER module. An attacker could...

Huawei HarmonyOS 缓冲区错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer error vulnerability exists in Huawei HarmonyOS versions prior to 2.0, which stems from an out-of-bounds access vulnerability in the parameter set...

CVE-2021-40017

The HWKEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...

CVE-2021-40019

Out-of-bounds heap read vulnerability in the HWKEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access...

Huawei EMUI和Magic UI缓冲区错误漏洞

Huawei EMUI and Huawei Magic UI are both products of Huawei China.Huawei EMUI is a mobile operating system based on Android development.Huawei Magic UI is a smart device operating system. A buffer error vulnerability exists in Huawei EMUI and Magic UI, which stems from an out-of-bounds heap read...

PT-2022-11139 · Unknown · Hw Keymaster

Name of the Vulnerable Software and Affected Versions: HW KEYMASTER affected versions not specified Description: The HW KEYMASTER module lacks a validity check of the key format, which may result in out-of-bounds memory access if successfully exploited. Recommendations: At the moment, there is no...

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. HarmonyOS version 2.0 contains a buffer overflow vulnerability that stems from the fact that the HWKEYMASTER module does not perform a legitimacy check on the key format, which can be exploited to cause out-of-bounds access...

CVE-2022-20377

CVE-2022-20377 affects Android’s keymaster_ipc.cpp, enabling an attacker to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This configuration flaw can lead to local elevation of privilege with no additional execution privileges required and without user interaction. Public r...

PT-2022-14602 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: In the keymaster ipc.cpp, there is a possibility to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no...

CVE-2021-40040

Vulnerability of writing data to an arbitrary address in the HWKEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality...

HUAWEI EMUI和Magic UI 安全漏洞

Huawei EMUI is a mobile operating system developed on Android. Huawei Magic UI is a smart device operating system. Huawei EMUI and Magic UI are vulnerable to an information disclosure vulnerability that originates from the issue of writing data to an arbitrary address in the HWKEYMASTER module,...

CVE-2021-40040

Vulnerability of writing data to an arbitrary address in the HWKEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality...

PT-2022-11162 · Unknown · Hw Keymaster

Name of the Vulnerable Software and Affected Versions: HW KEYMASTER module affected versions not specified Description: The issue concerns the HW KEYMASTER module, where there is a vulnerability related to writing data to an arbitrary address. This could potentially impact confidentiality if...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-43859)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a lack of boundary checking in Keymaster that could result in out-of-bounds writes. An attacker could exploit this vulnerability to cau...

CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...