Integer overflow

In AllocateInternalBuffers of g3aabufferallocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Out-of-bounds

In SAEMMRetrievEPLMNList of SAEMMContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Out-of-bounds

In cdCodeMsg of cdcodec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

Out-of-bounds

In LteRrcNrProAsnDecode of LteRrcNrCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20158

In bdiput and bdiunregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

UBUNTU-CVE-2022-20158

In bdiput and bdiunregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

UBUNTU-CVE-2022-20369

In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...

UBUNTU-CVE-2022-20368

Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel...

CVE-2022-20406

CVE-2022-20406 is present in Pixel/Android kernel entries with Type ID (Information disclosure) affecting the Modem component. The connected Pixel bulletin confirms the CVE exists but provides no public exploit details or remediation in the provided documents. No additional technical specifics (v...

CVE-2022-20383

In AllocateInternalBuffers of g3aabufferallocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20383

CVE-2022-20383 affects the Android kernel via AllocateInternalBuffers in g3aa_buffer_allocator.cc, where an integer overflow can cause an out-of-bounds write. This enables local privilege escalation with no extra user interaction required. Documents indicate the issue exists in the Android kernel...

CVE-2022-20379

In lwisbufferalloc of lwisbuffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20378

CVE-2022-20378 affects Android kernel and Pixel modem. The Pixel security bulletin lists it under the Kernel/Modem category as an Elevation of Privilege (EoP) issue with “Modem” as the component and indicates a high-severity impact, corroborated by NVD’s CVSS v3.1 base score of 9.8 (CRITICAL) wit...

CVE-2022-20378

Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A...

CVE-2022-20376

In trustylogseqstart of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20375

In LteRrcNrProAsnDecode of LteRrcNrCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20373

CVE-2022-20373 affects the Android kernel, specifically the st21nfc_loc_set_polaritymode function in fc/st21nfc.c. The issue is a use-after-free caused by a race condition, enabling local elevation of privilege with SYSTEM privileges required and no user interaction needed. Connected sources (Red...

CVE-2022-20372

In exynos5i2cirq of TBD, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20372

In exynos5i2cirq of TBD, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-20371

In dmbowdtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...