3774 matches found
PT-2022-14801 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the updateStart function of WirelessCharger.cpp due to a missing bounds check. This could lead to local escalation of privilege with System execution...
CVE-2022-20602
Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A...
CVE-2022-42514
CVE-2022-42514 affects Android kernel code: ProtocolImsBuilder::BuildSetConfig in protocolimsbuilder.cpp is vulnerable to an out-of-bounds read due to a missing bounds check. This could allow local information disclosure with System-level privileges required. The vulnerability is documented acros...
CVE-2022-42512
CVE-2022-42512 affects the Android kernel component in VsimOperationDataExt::encode (vsimdata.cpp). The issue is an out-of-bounds read caused by a missing bounds check, enabling local information disclosure with System privileges; no user interaction needed. Connected sources confirm the vulnerab...
CVE-2022-42505
CVE-2022-42505 arises from an out-of-bounds write in ProtocolMiscBuilder::BuildSetSignalReportCriteria within the Android kernel’s protocolmiscbuilder.cpp. The description indicates an incorrect bounds check allows a local escalation of privilege with System execution privileges required; exploit...
CVE-2022-42520
CVE-2022-42520: Use-after-free in Android’s ServiceInterface::HandleRequest (serviceinterface.cpp) can lead to local escalation of privilege to system level. Affected component: Android kernel/service interface; exploitation described as LOCAL with HIGH privileges required and no user interaction...
CVE-2022-42531
CVE-2022-42531 affects the Android kernel component gs_ldfw_load.c, specifically the mmu_map_for_fw path. The issue is described as a mitigation bypass due to Permissive Memory Allocation, enabling local elevation of privilege without additional execution privileges or user interaction. The vulne...
CVE-2022-20610
CVE-2022-20610 : In Android Pixel devices, a vulnerability in the cellular modem firmware (Pixel cellular modem) enables a possible out-of-bounds read due to a missing bounds check, which could allow remote code execution. Exploitation is network-based with no user interaction required; LTE authe...
CVE-2022-20600
CVE-2022-20600 affects the Android kernel LWIS component. The issue is described as a memory corruption out-of-bounds write that could enable local privilege escalation to SYSTEM with no user interaction required. The available documents consistently note this as a local attack surface on Android...
CVE-2022-20583
CVE-2022-20583 affects the Android kernel DRM firmware path: in function ppmp_unprotect_mfcfw_buf there is an out-of-bounds write due to improper input validation. This could enable local escalation of privilege in S-EL1 with System privileges granted, and exploitation is described as not requiri...
CVE-2022-20591
CVE-2022-20591 affects the Android kernel component ppmpu_set in ppmpu.c. The vulnerability is a logic error that can cause information disclosure locally without requiring additional execution privileges, and it does not require user interaction. Several connected sources consistently describe a...
CVE-2022-20582
CVE-2022-20582 affects the Android kernel component, specifically the drm_fw.c function ppmp_unprotect_mfcfw_buf, where an out-of-bounds write can occur due to improper input validation. The vulnerability enables local privilege escalation with no extra user interaction, as indicated by multiple ...
CVE-2022-20585
CVE-2022-20585 affects the Android kernel component drm_access_control.c, specifically the function valid_out_of_special_sec_dram_addr. The issue is an elevation of privilege due to improper input validation, enabling local privilege escalation with no extra user interaction. Exploitation details...
CVE-2022-20563
CVE-2022-20563 describes an out-of-bounds read caused by memory corruption in ufdt_convert within the Android kernel, enabling local privilege escalation to System. Exploitation is local with no user interaction; no remediation details are provided in the linked documents.
CVE-2022-42517
CVE-2022-42517 affects the Android kernel, specifically the MiscService::DoOemSetTcsFci function in miscservice.cpp. The issue is an out-of-bounds read caused by a missing bounds check, leading to local information disclosure with System privileges required for exploitation and no user interactio...
CVE-2022-42532
CVE-2022-42532 affects Google/Pixel firmware and the Android kernel: an out-of-bounds read due to a missing bounds check could allow local information disclosure with system execution privileges, requiring no user interaction. The issue is documented across multiple sources (Pixel firmware discus...
CVE-2022-42507
CVE-2022-42507 describes a potential out-of-bounds write in ProtocolSimBuilder::BuildSimUpdatePb3gEntry within the Android kernel, caused by a missing bounds check. The vulnerability could enable local escalation of privilege with System privileges required, and exploitation is stated as requirin...
PT-2022-26467 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the ProtocolSimBuilder::BuildSimUpdatePb3gEntry function due to a missing bounds check. This could lead to local escalation of privilege, requiring System...
CVE-2022-20585
In validoutofspecialsecdramaddr of drmaccesscontrol.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20586
In validoutofspecialsecdramaddr of drmaccesscontrol.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...