3774 matches found
PT-2022-14800 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the pop descriptor string function of BufferDescriptor.h due to a missing bounds check. This could lead to local information disclosure and requires System...
CVE-2022-20594
In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...
CVE-2022-20593
In popdescriptorstring of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
PT-2022-14809 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue concerns the Android kernel. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
CVE-2022-20599
In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
PT-2022-14805 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an integer overflow in the sec media protect function of media.c, which could lead to a local escalation of privilege in secure mode MFC Core. No additional execution privileges are needed,...
CVE-2022-20576
In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20580
In ufdtdoonefixup of ufdtoverlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...
PT-2022-14781 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an incorrect bounds check in the read ppmpu info function of drm fw.c, which could lead to a local information disclosure. This can be exploited without additional execution privileges or us...
PT-2022-14780 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the sec sysmmu info function of drm fw.c due to improper input validation. This could lead to local information disclosure with no additional execution...
CVE-2022-20580
In ufdtdoonefixup of ufdtoverlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...
CVE-2022-20578
In RadioImpl::setGsmBroadcastConfig of rilservicelegacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
PT-2022-14787 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a logic error in the Pixel camera driver code, which can lead to a use after free scenario. This could result in local escalation of privilege, requiring System execution privileges. No user...
CVE-2022-20598
In secmediaprotect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...
PT-2022-14801 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the updateStart function of WirelessCharger.cpp due to a missing bounds check. This could lead to local escalation of privilege with System execution...
CVE-2022-20602
Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A...
CVE-2022-42531
CVE-2022-42531 affects the Android kernel component gs_ldfw_load.c, specifically the mmu_map_for_fw path. The issue is described as a mitigation bypass due to Permissive Memory Allocation, enabling local elevation of privilege without additional execution privileges or user interaction. The vulne...
CVE-2022-20610
CVE-2022-20610 : In Android Pixel devices, a vulnerability in the cellular modem firmware (Pixel cellular modem) enables a possible out-of-bounds read due to a missing bounds check, which could allow remote code execution. Exploitation is network-based with no user interaction required; LTE authe...
CVE-2022-20600
CVE-2022-20600 affects the Android kernel LWIS component. The issue is described as a memory corruption out-of-bounds write that could enable local privilege escalation to SYSTEM with no user interaction required. The available documents consistently note this as a local attack surface on Android...
CVE-2022-20591
CVE-2022-20591 affects the Android kernel component ppmpu_set in ppmpu.c. The vulnerability is a logic error that can cause information disclosure locally without requiring additional execution privileges, and it does not require user interaction. Several connected sources consistently describe a...