89 matches found
OracleVM 3.4 : kernel-uek (OVMSA-2022-0031)
The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. CVE-2019-19377 - Ther...
SUSE SLES15 Security Update : kernel (Live Patch 25 for SLE 15 SP3) (SUSE-SU-2022:4038-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4038-1 advisory. - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalati...
Out-of-bounds
In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12...
Code injection
There is an unauthorized service in the system service, which may cause the system to reboot. Because the component has no permission check or permission protection, this results in an EoP problem. Product: Android; Versions: Android SoC; Android ID: A-242248367...
CVE-2022-20435
CVE-2022-20435 is an Android vulnerability described as an unauthorized service in the system service that, due to missing permission checks, can lead to local elevation of privilege and potentially a system reboot. Connected OSV entries (ASB-A-242248367 and ASB-A-242248369) corroborate an unauth...
CVE-2022-20385
CVE-2022-20385 affects Android and is tied to a nla_parse path that does not validate para length. Userspace can influence nla_type via maxtype (GSCAN_MAX) and trigger OOB access to the policy[type] array. This is described across multiple sources as a kernel/Android issue with potential for loca...
CVE-2021-0946
The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMRPDumpSymbolicAddr, and then copies the buffer to userspace. The method PMRPDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the...
Ubuntu 16.04 ESM : Linux kernel (AWS) vulnerabilities (USN-5580-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5580-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...
CVE-2022-20261
In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID:...
Information disclosure
In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android...
Information disclosure
In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20315
CVE-2022-20315 affects Android 13 with a missing permission check in ActivityManager, causing disclosure of installed packages via local information disclosure without extra privileges and no user interaction. Affected component: ActivityManager; root cause: inadequate permission check; impact: l...
CVE-2022-20406
CVE-2022-20406 is present in Pixel/Android kernel entries with Type ID (Information disclosure) affecting the Modem component. The connected Pixel bulletin confirms the CVE exists but provides no public exploit details or remediation in the provided documents. No additional technical specifics (v...
CVE-2022-20405
CVE-2022-20405 affects the Android kernel/modem stack used by Google Pixel devices, described as a Modem Elevation of Privilege vulnerability. Public details indicate a zero-click style chain that could downgrade the device’s cellular modem to 2G and potentially allow takeover of the handset via ...
CVE-2022-20401
In SAEMMRetrievEPLMNList of SAEMMContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 29 for SLE 15) (SUSE-SU-2022:2750-1)
The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2750-1 advisory. - The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of drm_vgem_gem_object...
CVE-2022-20346
In updateAudioTrackInfoFromESDSMPEG4Audio of MPEG4Extractor.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product:...
SUSE SLES12 Security Update : kernel (Live Patch 23 for SLE 12 SP4) (SUSE-SU-2022:2444-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2444-1 advisory. - A race condition was found in the Linux kernel in perf_event_open which can be exploited by an unprivileged user to gain root privileges. The bug...
Information disclosure
In onbind of ShannonRcsService.java, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android...
CVE-2022-20176
CVE-2022-20176 affects the Android kernel, specifically the sjtag-driver.c module in the auth_store path. The root cause is a missing bounds check that allows a read of uninitialized memory. This can lead to a local information disclosure and, per the description, may enable system-level executio...