694 matches found
Design/Logic Flaw
In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194783918...
Google Pixel 安全漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from improper locking and could lead to reuse after release...
PT-2023-17790 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible use after free in MediaCodec.cpp due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2023-21000
In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194783918...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
Privilege escalation
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
CVE-2023-20623
CVE-2023-20623 affects the Ion component in MediaTek-based systems. Root cause is improper locking that allows local privilege escalation without extra execution privileges and with no user interaction required. The CVSS metrics indicate a local attack vector, high complexity, and high privileges...
PT-2023-17492 · Ion · Ion
Name of the Vulnerable Software and Affected Versions: ion affected versions not specified Description: The issue is related to a possible escalation of privilege due to improper locking in ion. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
PUB-A-194783918
In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-264209787
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-20939
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Input validation
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20939
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20939
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
SUSE CVE-2018-9422
In getfutexkey of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstre...
SUSE CVE-2020-27066
In xfrm6tunnelfreespi of net/ipv6/xfrm6tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...
SUSE CVE-2021-23133
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...
SUSE CVE-2021-39801
In ionioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...