UBUNTU-CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

UBUNTU-CVE-2021-39656

In configfsopenfile of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

UBUNTU-CVE-2021-39636

In doiptgetctl and doiptsetctl of iptables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

UBUNTU-CVE-2021-0961

In quotaprocwrite of xtquota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

UBUNTU-CVE-2021-0929

In iondmabufendcpuaccess and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

UBUNTU-CVE-2021-1048

In eploopcheckproc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

CVE-2021-39636

In doiptgetctl and doiptsetctl of iptables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2021-39645

Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A...

CVE-2021-39647

In monsmcloadsp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smcbooting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-39639

In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-1047

In validipcdramaddr of cmaccesscontrol.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-39642

In synchronousprocessioentries of lwisioctl.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...

CVE-2021-1046

In lwisdpmupdateclock of lwisdevicedpm.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2021-39657

In ufshcdehdeviceresethandler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...

CVE-2021-39652

CVE-2021-39652 affects the Android kernel component, specifically the sec_ts_parsing_cmds code. The root cause is an incorrect bounds check that can trigger an out-of-bounds write, enabling local escalation of privilege with SYSTEM-level execution rights. Exploitation requires no user interaction...

CVE-2021-39655

Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A...

CVE-2021-39656

In configfsopenfile of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-39649

In regmapexit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-39649

CVE-2021-39649 affects the Android kernel’s regmap.c, specifically regmap_exit, where improper locking can cause a use-after-free. This enables local escalation of privilege with system execution privileges required and no user interaction. Exploitation status is not provided in the sources; reme...

CVE-2021-39648

In gadgetdevdescUDCshow of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...