3774 matches found
PT-2023-17865 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: In the rtt unpack xtlv cbfn function of dhd rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User...
CVE-2023-21059
In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-21055
In dithalioctl of dit.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244301523References:...
CVE-2023-21041
In appendtoparams of paramutil.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2023-21046
In ConvertToHalMetadata of aidlutils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21067
Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A...
PT-2023-14130 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to improper input validation in the OEM OnRequest function of sced.cpp, which could lead to shell command execution. This may result in local escalation...
PT-2023-14128 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a missing bounds check in Pixel cellular firmware, which could lead to an out of bounds write. This might result in remote code execution without requiring additional execution privileges...
PT-2023-17854 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an incorrect bounds check in the DoSetTempEcc function of imsservice.cpp, which could lead to a possible out of bounds read. This could result in local escalation of privilege, requiring...
CVE-2023-21076
In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2023-21049
In appendcamerametadata of camerametadata.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...
PT-2023-17831 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an incorrect bounds check in the append to params function of param util.c, which could lead to a possible out of bounds write. This might result in local escalation of privilege without...
CVE-2023-21076
CVE-2023-21076 involves a possible out-of-bounds write due to a heap buffer overflow in the function createTransmitFollowupRequest within nan.cpp. The underlying issue is a heap buffer overflow that could enable a local escalation of privilege with System execution privileges required. Exploitati...
CVE-2023-21054
In EUTRANLCSConvertLCSMOLRReq of LPPCommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
PT-2023-17830 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is caused by a logic error in the code of bluetooth ccc.cc, specifically in the buildCommand function, which can lead to a possible out of bounds write. This could result in local escalation of privilege...
PT-2023-14131 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is caused by a logic error in the code of ffa mrd prot in shared mem.c. This could lead to local information disclosure with no additional execution privileges...
CVE-2022-42528
In ffamrdprot of sharedmem.c, there is a possible ID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2023-21071
The CVE-2023-21071 entry affects the Android kernel, specifically the dhd_prot_ioctcmplt_process function in dhd_msgbuf.c. The issue is an out-of-bounds write caused by improper input validation, enabling local escalation of privilege with System execution privileges required. User interaction is...
PT-2023-17844 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the sms ExtractCbLanguage function of sms CellBroadcast.c due to a missing bounds check. This could lead to remote information disclosure with no additional...
PT-2023-17852 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: In the sms GetTpPiIe function of sms PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed...