CVE-2022-20574

In secsysmmuinfo of drmfw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20591

In ppmpuset of ppmpu.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20581

In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-42507

In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20605

In SAECOMMCopyBufferBytes of SAECOMMUtility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi...

CVE-2022-20564

In ufdtoutputstrtabtofdt of ufdtconvert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-42530

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

Amazon Linux 2 : kernel, --advisory ALAS2-2022-1888 (ALAS-2022-1888)

The version of kernel installed on the remote host is prior to 4.14.299-223.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1888 advisory. In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. Th...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-10065)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10065 advisory. - btrfs: Don't submit any btree write bio if the fs has errors Qu Wenruo Orabug: 31265340 CVE-2019-19377 - scsi: stex: Properly zero out the...

Important: kernel

Issue Overview: In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...

Google Pixel 安全漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in veritytarget in dm-verity-target.c of the Google Android Kernel, which stems from the program not properly checking for privileges. An attacker could exploit the vulnerabili...

PT-2023-1000 · Google +7 · Android Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Android kernel affected versions not specified Description: The issue is related to a logic error in the code of efi rt asm wrapper in efi-rt-wrapper.S, which could lead to a bypass of shadow stack...

Oracle Linux 9 : kernel (ELSA-2022-8267)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8267 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Wander Lairson Costa 2116968 CVE-2022-2585 - fix race between exititimers and...

CVE-2022-42533

In sharedmetadatainit of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20460

In TBD mprotunmap? of TBD, there is a possible way to corrupt the memory mapping due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20459

In TBD of TBD, there is a possible way to redirect code execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20427

In TBD of TBD, there is a possible way to corrupt memory due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

Input validation

In TBD of TBD, there is a possible way to corrupt memory due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

Input validation

In TBD of TBD, there is a possible way to redirect code execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

Input validation

In TBD mprotunmap? of TBD, there is a possible way to corrupt the memory mapping due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...