EUVD-2020-1896

Malware in sbrugna...

PT-2022-14726 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the decrypt 1 2 function of CryptoPlugin.cpp due to a missing bounds check. This could lead to local information disclosure without requiring...

Race condition

In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176495665...

CVE-2021-0564

In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176495665...

CVE-2021-0564

CVE-2021-0564 affects Android 11, caused by a race condition in the decrypt path of CryptoPlugin.cpp that can trigger a use-after-free. The vulnerability allows local elevation of privilege with System execution privileges and does not require user interaction. Exploitation details are not provid...

Race condition

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10...

CVE-2021-0509

CVE-2021-0509 : A race condition causes a use-after-free in CryptoPlugin.cpp, leading to local privilege escalation with no additional privileges or user interaction required. Affected products/versions in the provided data include Android 8.1, 9, 10, and 11. The documents do not specify a public...

CVE-2021-0471

CVE-2021-0471 : In Android, the decrypt_1_2 function in CryptoPlugin.cpp can trigger an out-of-bounds read due to an integer overflow, leading to local information disclosure without extra privileges or user interaction. Affected: Android 8.1, 9, 10, 11. No public details in the connected docs sp...

Out-of-bounds

In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID...

CVE-2019-2202

CVE-2019-2202 occurs in Android’s CryptoPlugin.decrypt and describes a possible heap buffer overflow leading to local privilege escalation without user interaction. Affected software is Android 9 and Android 10 (Media/crypto plugin path). The issue is described as an out-of-bounds write in Crypto...