CVE-2022-20606

The CVE-2022-20606 entry concerns SAEMM_MiningCodecTableWithMsgIE in SAEMM_RadioMessageCodec.c, where a missing bounds check can cause an out-of-bounds read. This could enable remote information disclosure with system privileges required. User interaction is not required. Connected sources confir...

CVE-2022-42508

In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-42534

CVE-2022-42534 affects the Android kernel component, specifically the trusty_ffa_mem_reclaim path in shared-mem-smcall.c. The issue is a privilege-escalation vulnerability caused by improper input validation, enabling local elevation of privilege with no additional execution privileges required, ...

CVE-2022-20571

In extractmetadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20597

In ppmpuset of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N...

CVE-2022-20606

In SAEMMMiningCodecTableWithMsgIE of SAEMMRadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20603

In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20605

In SAECOMMCopyBufferBytes of SAECOMMUtility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

CVE-2022-20604

In SAECOMMSetDcnIdForPlmn of SAECOMMDbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

PT-2022-14811 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write due to a missing bounds check in the SetDecompContextDb function of RohcDeCompContextOfRbId.cpp. This could lead to remote code execution with System execution...

CVE-2022-20605

CVE-2022-20605 affects the Android kernel component SAECOMM_Utility.c, specifically the SAECOMM_CopyBufferBytes function. The underlying issue is an incorrect bounds check that enables an out-of-bounds read, leading to potential remote information disclosure without requiring additional privilege...

PT-2022-14812 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the SAECOMM SetDcnIdForPlmn function of SAECOMM DbManagement.c due to a missing bounds check. This could lead to remote information disclosure from a single...

CVE-2022-20606

In SAEMMMiningCodecTableWithMsgIE of SAEMMRadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20605

In SAECOMMCopyBufferBytes of SAECOMMUtility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

CVE-2022-20563

In TBD of ufdtconvert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-42515

In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20607

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References...

CVE-2022-20579

In RadioImpl::setCdmaBroadcastConfig of rilservicelegacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20582

In ppmpunprotectmfcfwbuf of drmfw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20569

In thermalcoolingdevicestatsupdate of thermalsysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product:...