30 matches found
CVE-2019-2104
In HIDL, safeunion, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
EUVD-2020-3502
Malware in sbrugna...
EUVD-2023-25806
Malicious code in bioql PyPI...
EUVD-2023-37266
Malicious code in bioql PyPI...
CVE-2023-33077
Memory corruption in HLOS while converting from authorization token to HIDL vector...
CVE-2020-11148
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
Memory corruption
Memory corruption in HLOS while converting from authorization token to HIDL vector...
CVE-2023-33077
Memory corruption in HLOS while converting from authorization token to HIDL vector...
CVE-2023-33077 Buffer Copy Without Checking Size of Input in HLOS
Memory corruption in HLOS while converting from authorization token to HIDL vector...
CVE-2023-33077 Buffer Copy Without Checking Size of Input in HLOS
Memory corruption in HLOS while converting from authorization token to HIDL vector...
CVE-2023-33077
CVE-2023-33077: Memory corruption in HLOS during conversion from an authorization token to a HIDL vector. Root cause is memory corruption in the HLOS path handling token-to-HIDL conversion. Impact on confidentiality, integrity and availability is described as High; attack vector is Local with low...
CVE-2023-21639
Memory corruption in Audio while processing svamodelserializer using memory size passed by HIDL client...
Memory corruption
Memory corruption in Audio while processing svamodelserializer using memory size passed by HIDL client...
CVE-2023-21639 Buffer Copy Without Checking the Size of Input in Audio
Memory corruption in Audio while processing svamodelserializer using memory size passed by HIDL client...
CVE-2023-21639 Buffer Copy Without Checking the Size of Input in Audio
Memory corruption in Audio while processing svamodelserializer using memory size passed by HIDL client...
CVE-2023-21639
CVE-2023-21639 describes memory corruption in the Audio component on Qualcomm chipsets when processing the sva_model_serializer with a memory size provided by the HIDL client. The issue is triggered locally and involves memory handling that impacts confidentiality, integrity, and availability as ...
PT-2022-14643 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to an incorrect bounds check in the audioTransportsToHal function of HidlUtils.cpp, which could lead to a possible out of bounds write. This might result in loca...
CVE-2020-11148
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
Design/Logic Flaw
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
CVE-2020-11152
Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...