CVE-2022-20585

CVE-2022-20585 affects the Android kernel component drm_access_control.c, specifically the function valid_out_of_special_sec_dram_addr. The issue is an elevation of privilege due to improper input validation, enabling local privilege escalation with no extra user interaction. Exploitation details...

CVE-2022-42532

CVE-2022-42532 affects Google/Pixel firmware and the Android kernel: an out-of-bounds read due to a missing bounds check could allow local information disclosure with system execution privileges, requiring no user interaction. The issue is documented across multiple sources (Pixel firmware discus...

CVE-2022-20586

In validoutofspecialsecdramaddr of drmaccesscontrol.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-42503

In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

CVE-2022-20563

In TBD of ufdtconvert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2022-42522

In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2022-42506

In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

PT-2022-14794 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a precondition check failure in the sysmmu map function of sysmmu.c. This could lead to a local escalation of privilege, requiring System execution...

CVE-2022-20604

In SAECOMMSetDcnIdForPlmn of SAECOMMDbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20586

In validoutofspecialsecdramaddr of drmaccesscontrol.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-42505

In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

CVE-2022-42514

CVE-2022-42514 affects Android kernel code: ProtocolImsBuilder::BuildSetConfig in protocolimsbuilder.cpp is vulnerable to an out-of-bounds read due to a missing bounds check. This could allow local information disclosure with System-level privileges required. The vulnerability is documented acros...

CVE-2022-42520

CVE-2022-42520: Use-after-free in Android’s ServiceInterface::HandleRequest (serviceinterface.cpp) can lead to local escalation of privilege to system level. Affected component: Android kernel/service interface; exploitation described as LOCAL with HIGH privileges required and no user interaction...

PT-2022-26478 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the MiscService::DoOemSetTcsFci function of miscservice.cpp due to a missing bounds check. This could lead to local information disclosure, requiring System...

CVE-2022-20579

In RadioImpl::setCdmaBroadcastConfig of rilservicelegacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-42526

In ConvertUtf8ToUcs2 of radiohalutils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

PT-2022-14797 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the valid va sec mfc check function of drm access control.c, which could lead to local information disclosure without requiring additional execution privileges...

CVE-2022-42507

In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-42531

In mmumapforfw of gsldfwload.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2022-20597

In ppmpuset of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N...