Google Android Information Disclosure Vulnerability (CNVD-2025-19923)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by an error in hiddconn.cc's hiddcheckconfigdone. An attacker can exploit the vulnerability to obtain sensitive information...

CVE-2025-22407

CVE-2025-22407 is a use-after-free in the Android HID (hidd) component, specifically in hidd_check_config_done of hidd_conn.cc, enabling potential arbitrary code execution and local information disclosure without extra privileges or user interaction. The vulnerability is discussed across multiple...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by an error in hiddconn.cc's hiddcheckconfigdone. An attacker can exploit the vulnerability to obtain sensitive information...

PT-2025-11070 · Google · Android

Name of the Vulnerable Software and Affected Versions: Linux Kernel Hidd Component affected versions not specified Description: A use-after-free issue exists in the hidd check config done function within hidd conn.cc. This could allow for arbitrary code execution, potentially leading to local...

macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issu

/ It's possible that this should be two separate issues but I'm filing it as one as I'm still understanding this service. com.apple.iohideventsystem is hosted in hidd on MacOS and backboardd on iOS. You can talk to it from the app sandbox on iOS. It uses an IOMIGMachPortCache to translate between...

macOS &lt; 10.14.3 / iOS &lt; 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem

/ It's possible that this should be two separate issues but I'm filing it as one as I'm still understanding this service. com.apple.iohideventsystem is hosted in hidd on MacOS and backboardd on iOS. You can talk to it from the app sandbox on iOS. It uses an IOMIGMachPortCache to translate between...

Apple iOS / macOS - Sandbox Escape due to mach Message sent from Shared Memory Exploit

Exploit for multiple platform in category dos / poc Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory iohideventsystem sets up a shared memory event queue; at the end of this shared memory buffer it puts a mach message which it sends whenever it wants to notify a client...

Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory

iohideventsystem sets up a shared memory event queue; at the end of this shared memory buffer it puts a mach message which it sends whenever it wants to notify a client that there's data available in the queue. As a client we can modify this mach message such that the server hidd on MacOS,...

Apple iOSmacOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem

Apple iOSmacOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem iohideventsystem is a MIG service which provides proxy access to various HID devices for untrusted clients. On iOS it's hosted by backboardd and on MacOS by hidd. The actual implementation is ...

BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22076/info BlueZ hidd is prone to a device-command-injection vulnerability. A remote attacker can exploit this issue to gain control of mouse and keyboard HIDs human interface device. This will allow the attacker to...

Mandriva Update for bluez-utils MDKSA-2007:014 (bluez-utils)

Check for the Version of bluez-utils OpenVAS Vulnerability Test Mandriva Update for bluez-utils MDKSA-2007:014 bluez-utils Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

BlueZ 1.x2.x - HIDD Bluetooh HID Command Injection

BlueZ 1.x2.x - HIDD Bluetooh HID Command Injection source: https://www.securityfocus.com/bid/22076/info BlueZ hidd is prone to a device-command-injection vulnerability. A remote attacker can exploit this issue to gain control of mouse and keyboard HIDs human interface device. This will allow the...

Mandrake Linux Security Advisory : bluez-utils (MDKSA-2007:014)

hidd in BlueZ bluez-utils before 2.25 allows remote attackers to obtain control of the 1 Mouse and 2 Keyboard Human Interface Device HID via a certain configuration of two HID PSM endpoints, operating as a server, aka HidAttack. hidd is not enabled by default on Mandriva 2006.0. This update adds...