Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in the Kernel components Kernel in Google Android. There is no information about this vulnerability yet, please stay tuned to CNNVD or the vendor's announcement...

The vulnerability of the ufshcd_eh_device_reset_handler function (ufshcd.c) in the Android operating system allows a hacker to execute arbitrary commands and gain access to information.

The vulnerability of the ufshcdehdeviceresethandler function ufshcd.c in the Android operating system’s kernel is related to reading data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary commands and gain access to sensitive information...

The vulnerability of the ip6_xmit function in the (6_output.c) kernel of the Android operating system allows a hacker to increase their privileges.

The vulnerability of the ip6xmit function in the 6output.c kernel of the Android operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

Vulnerability of the gadget_dev_desc_UDC_show function in the Android operating system’s kernel, allowing a hacker to gain unauthorized access to protected information

The vulnerability of the gadgetdevdescUDCshow function in the Android operating system’s kernel is related to the disclosure of information in an unauthorized data area. Exploiting this vulnerability could allow a malicious individual to gain unauthorized access to protected information...

The vulnerability of the unix_scm_to_skb function (af_unix.c) in the Android operating system’s kernel allows a hacker to increase their privileges.

The vulnerability of the unixscmtoskb function afunix.c in the Android operating system kernel arises from the simultaneous execution using shared resources with incorrect synchronization in the “Race Situation” mode. Exploiting this vulnerability can allow an attacker to increase their privilege...

OracleVM 3.4 : kernel-uek (OVMSA-2022-0007)

The remote OracleVM system is missing necessary patches to address security updates: - Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. CVE-2021-0129 - In eploopcheckproc of eventpoll.c, there is a possible way to...

Heap overflow

In HandleTransactionIoEvent of actuatordriver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

Out-of-bounds

In TBD of TBD, there is a possible out of bounds read due to TBD. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206039140References: N/A...

CVE-2021-39687

In HandleTransactionIoEvent of actuatordriver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

PT-2022-10971 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read, which could lead to local information disclosure without requiring additional execution privileges. User interaction is not necessary for exploitation...

Rocky Linux 8 : kernel (RLSA-2021:1578)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1578 advisory. - In pfkeydump of afkey.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel wi...

AlmaLinux 8 : kernel (ALSA-2021:4056)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4056 advisory. - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctxlist...

Rocky Linux 8 : kernel-rt (RLSA-2021:4088)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4088 advisory. - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctxli...

PT-2022-1361 · Google +4 · Android Kernel +4

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to the mmc blk read single function in block.c, which can lead to local information disclosure due to uninitialized data. This could happen when reading...

CVE-2021-39678

In of , there is a possible bypass of Factory Reset Protection due to . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171742549References: N/A...

CVE-2021-39679

In init of vendorgraphicbuffermeta.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-39634

In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel...

CVE-2021-39681

In deleteprotocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

DEBIAN-CVE-2021-39633

In grehandleoffloads of ipgre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

DEBIAN-CVE-2021-39634

In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel...