ASB-A-279905816

In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation...

ASB-A-242704576

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo...

Google's Android Red Team Had a Full Pixel 6 Pwn Before Launch

Before the flagship phone ever landed in users’ hands, the security team thoroughly hacked it by finding bugs and developing exploits...

ASB-A-231161832

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-213169612

In BitmapcreateFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

The Pixel 6 Chip’s Best Upgrade Isn’t Speed. It’s Security

Google’s new flagship smartphone is its most secure yet, thanks to a little vertical integration...