453 matches found
Input validation
An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash...
CVE-2022-23429
CVE-2022-23429 describes an improper boundary check in the Android audio HAL service prior to SMR Feb-2022 Release 1, allowing local attackers to read invalid memory and cause an application crash. In the provided connected records, the vulnerability is documented across multiple sources (NVD, Re...
CVE-2022-23429
An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash...
CVE-2022-23428
CVE-2022-23428 : An improper boundary check in the eden_runtime HAL service before SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. The vulnerability is documented across multiple sources (NVD, CNVD, Red Hat, etc.) and is associated with Google Android. Affected component:...
CVE-2022-20040
In powerhalmanagerservice, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150...
Stack overflow
In powerhalmanagerservice, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150...
CVE-2022-20040
In powerhalmanagerservice, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150...
MediaTek 芯片 缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in the MediaTek chips that originates from a stack-based buffer overflow in the power hal manager service, which may allow privilege bypass...
bme280-multibus (>=0.1.0 <=0.2.1), eeprom25aa02e48 (>=0.1.0 <=0.2.0) potentially affected by unknown CVE via ftd2xx-embedded-hal (>=0.1.0 <=0.9.1)
ftd2xx-embedded-hal CARGO version =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0005...
RUSTSEC-2022-0005 crate has been renamed to `ftdi-embedded-hal`
This crate has been renamed from ftd2xx-embedded-hal to ftdi-embedded-hal. The new repository location is:...
Huawei HarmonyOS HAL Card Component Unauthorized Access Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. The Huawei HarmonyOS HAL card component is vulnerable to unauthorized access, which could be exploited by attackers to compromise confidentiality...
Huawei HarmonyOS HAL-Ril data service component out-of-bounds read vulnerability
Huawei HarmonyOS is an operating system from Huawei China. A security vulnerability exists in the HAL-Ril data service component of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. An attacker could exploit the vulnerability to compromise...
CVE-2021-0673
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326...
CVE-2021-0673
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326...
Design/Logic Flaw
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326...
CVE-2021-0673
CVE-2021-0673 : In Audio Aurisys HAL, a missing permission check allows local escalation of privilege with no user interaction. Descriptions across sources confirm a permission bypass affecting the Audio HAL layer, with a patch identified as ALPS05977326 (Issue ID ALPS05977326). The vulnerability...
Huawei HarmonyOS 缓冲区错误漏洞
Huawei HarmonyOS is an operating system from Huawei China. A security vulnerability exists in the HAL-Ril data service component of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. An attacker could exploit the vulnerability to compromise...
CVE-2021-30315
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
Input validation
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
CVE-2021-30315
CVE-2021-30315 concerns improper handling of the sensor HAL structure in the absence of the sensor, leading to a use-after-free condition in Snapdragon Auto. Public documentation reiterates the root cause as sensor HAL mismanagement and lists Qualcomm’s sensor subsystem as the affected area. Conn...