19 matches found
CVE-2024-40660
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-34743
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-34743
CVE-2024-34743 affects Google Android via a logic error in SurfaceFlinger.cpp (setTransactionState) that could enable tapjacking, leading to local elevation of privilege with no user interaction required. The vulnerability is classified as EoP, High severity, with local attack vector and impact t...
CVE-2024-34743
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android Elevation of Privilege Vulnerability (CNVD-2022-43848)
Google Android is a Linux-based open source operating system from Google, Inc. The vulnerability stems from a use-after-free and out-of-bounds write in setClientStateLocked in SurfaceFlinger.cpp. An attacker could use this vulnerability to cause a local privilege escalation...
Google Android Elevation of Privilege Vulnerability (CNVD-2022-43849)
Google Android is a Linux-based open source operating system from Google, Inc. The vulnerability stems from a use-after-free and out-of-bounds write in setClientStateLocked in SurfaceFlinger.cpp. An attacker could exploit the vulnerability to cause a local privilege escalation...
CVE-2021-1028
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
Out-of-bounds
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
Out-of-bounds
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
CVE-2021-1028
CVE-2021-1028: In Android 12, the vulnerability is in SurfaceFlinger.cpp within setClientStateLocked, where a use-after-free can trigger an out-of-bounds write. This leads to local privilege escalation with no extra execution privileges required and no user interaction. Public documents consiste...
CVE-2021-1028
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
CVE-2021-0332
In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-10. Android ID:...
Memory corruption
In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-10. Android ID:...
CVE-2021-0332
CVE-2021-0332 affects Android’s Media/Graphics stack (SurfaceFlinger) where a use-after-free in bootFinished can cause memory corruption, enabling local privilege escalation with low complexity and no user interaction. Affected: Android 10 and 11. Root cause: memory corruption via use-after-free ...
CVE-2020-0392
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10...
Double free
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10...
CVE-2020-0392
CVE-2020-0392 is a concrete vulnerability in the Android SurfaceFlinger component. The issue arises in getLayerDebugInfo of SurfaceFlinger.cpp, where a double free can occur, enabling a local escalation of privilege with no additional execution privileges required. Affected: Android 9, 10, and 11...
CVE-2020-0392
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10...
CVE-2020-11828
CVE-2020-11828 concerns ColorOS (Android-based OS by OPPO) where RGB is defined on the stack in surfaceflinger.CPP and remains uninitialized. The screenShot RGB assignment may return uninitialized values, causing stack information leakage and enabling a bypass of address space layout randomizatio...