12 matches found
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48574
CVE-2025-48574 affects Android’s UI component: DisplayPolicy.java (validateAddingWindowLw). The issue arises from a missing permission check, allowing an app to intercept drag-and-drop events and perform local elevation of privilege without extra execution privileges or user interaction. Public d...
CVE-2025-48574
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from a lack of permission checking in validateAddingWindowLw of DisplayPolicy.java, and can be exploited by an attacker to cause an application to intercept...
ASB-A-428700812
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2025-43464
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description An issue exists in the validateAddingWindowLw function within DisplayPolicy.java that may allow an application to intercept drag-and-drop events because of a missing permission check. This...
AZL-52320 CVE-2024-50004 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 WHY & HOW Mismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause grey screen and system hang. Remove...
UBUNTU-CVE-2024-50004
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 WHY & HOW Mismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause grey screen and system hang. Remove...
PT-2024-33843
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A mismatch in the DCN35 DML2 policy causes bandwidth validation to fail, leading to the acquisition of an unexpected DPP pipe. This results in a grey screen and system hang. The issue ...