Google Android prepare_response_locked function input validation error vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an input validation error vulnerability that originates from improper input validation of the prepareresponselocked function in the lwistransaction.c file, which can be exploited by an attacker t...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an input validation error vulnerability that originates from improper input validation of the prepareresponselocked function in the lwistransaction.c file, which can be exploited by an attacker t...

CVE-2024-32903

In prepareresponselocked of lwistransaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-29787

In lwisprocesstransactionsinqueue of lwistransaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32903

In prepareresponselocked of lwistransaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-29787

In lwisprocesstransactionsinqueue of lwistransaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-29787

In lwisprocesstransactionsinqueue of lwistransaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-29787

In CVE-2024-29787, the issue is in the lwis_process_transactions_in_queue function of lwis_transaction.c. It describes a use-after-free vulnerability that could enable local escalation of privilege without requiring additional execution privileges, and exploitation does not require user interacti...

Google pixel security breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google pixel, which stems from a post-release reuse in the lwisprocesstransactionsinqueue module of lwistransaction.c. The vulnerability is caused by the presence of the...

PUB-A-322327963

In prepareresponselocked of lwistransaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35660

Summary: CVE-2023-35660 describes a use-after-free in lwis_transaction_client_cleanup (lwis_transaction.c) that can corrupt memory and enable local privilege escalation with SYSTEM privileges; exploitation does not require user interaction. The vulnerability is reported across multiple feeds (NVD...