CVE-2023-30650

The CVE-2023-30650 issue affects Samsung Mobile devices and is described as an out-of-bounds read/write in callrunTspCmd within the sysinput HAL service. The root cause is an overrun in the HAL call that can enable local attackers to execute arbitrary code. Affected component is the sysinput HAL,...

PT-2023-22848 · Unknown · Sysinput Hal Service

Name of the Vulnerable Software and Affected Versions: sysinput HAL service versions prior to SMR Jul-2023 Release 1 Description: The issue is related to an out of bounds read and write in the enableTspDevice function of the sysinput HAL service. This allows local attackers to execute arbitrary...

CVE-2023-21150

In handlesetparametersctrl of halsocket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

PT-2023-17943 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the handle set parameters ctrl function of hal socket.c due to an incorrect bounds check. This could lead to local information disclosure, requiring System...

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command...

Memory corruption

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command...

CVE-2023-21628

CVE-2023-21628 describes a memory corruption (classic buffer overflow) in the WLAN HAL of Qualcomm chipsets when processing WMI-UTF or FTM TLV1 commands. The CVE is listed as a buffer copy without checking input size, leading to potential data corruption and high impact. Connected sources identif...

CVE-2023-21628 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command...

PT-2023-17846 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible use after free due to a race condition in the dit hal ioctl function of dit.c. This could lead to local escalation of privilege with System execution privileges needed. User...

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload...

Memory corruption

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload...

CVE-2022-25655

CVE-2022-25655 describes memory corruption in the WLAN HAL due to a buffer copy without size checking when a WMI UTF payload is processed. Connected sources indicate this involves Qualcomm closed‑source WLAN HAL components and that the issue is triggered by arbitrary input in the WMI UTF command ...

CVE-2022-25655 Buffer copy without checking the size of input in WLAN HAL.

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload...

PT-2023-12791 · Qualcomm · Snapdragon +215

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the WLAN HAL when an arbitrary value is passed in the WMI UTF command payload. Recommendations: At the moment,...

SUSE CVE-2019-16249

OpenCV 4.1.1 has an out-of-bounds read in halbaseline::vload in core/hal/intrinsse.hpp when called from computeSSDMeanNorm in modules/video/src/disflow.cpp...

CVE-2021-4300 ghostlander Halcyon Block Verification main.cpp AddToBlockIndex access control

A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by this vulnerability is the function CBlock::AddToBlockIndex of the file src/main.cpp of the component Block Verification. The manipulation leads to improper access controls. The attack can be launched...

CVE-2022-20539

In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2022-14752 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In the parameterToHal function of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System...

PT-2022-14643 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to an incorrect bounds check in the audioTransportsToHal function of HidlUtils.cpp, which could lead to a possible out of bounds write. This might result in loca...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-85763)

Google Android is a Linux-based open-source operating system from the U.S. company Google Google. Google Android is vulnerable to an elevation of privilege vulnerability, which is caused by a memory corruption due to a use-after-release vulnerability in the camera provider HAL. An attacker could...