Android Q Sdk Security Vulnerabilities and Issues — Android Q Sdk CVE List

AllwinnertechAndroid Q Sdk

7 matches found

CVE•added 2022/01/18 1:10 p.m.•57 views

CVE-2021-38784

CVE-2021-38784 affects Allwinner R818 SoC Android Q SDK V1.0. A NULL pointer dereference in the syscall open_exec function could allow a malicious file to trigger a system crash. This is described across multiple sources in the provided documents, which confirm the underlying cause as a NULL poin...

7.8CVSS7.3AI score0.00639EPSS

CVE•added 2022/01/19 6:40 p.m.•57 views

CVE-2021-38789

CVE-2021-38789 affects Allwinner R818 SoC with Android Q SDK V1.0. The issue is an incorrect access control vulnerability where the caller’s permission is not checked, enabling a non-specified third-party app to change system settings. Connected documents confirm the affected product and root cau...

7.5CVSS7.3AI score0.0034EPSS

CVE•added 2022/01/19 12:46 p.m.•52 views

CVE-2021-38787

CVE-2021-38787 affects Allwinner R818 SoC Android Q SDK V1.0 where an integer overflow in the ION driver ("/dev/ion") can be triggered via the COMPAT_ION_IOC_SUNXI_FLUSH_RANGE ioctl, leading to a system crash (denial of service). Connected sources confirm the vulnerable component is the ION drive...

7.8CVSS7.5AI score0.00788EPSS

Web

CVE•added 2022/01/19 11:53 a.m.•46 views

CVE-2021-38786

Summary of CVE-2021-38786 (Allwinner R818): There is a NULL pointer dereference in the media/libcedarc/vdecoder component of the Allwinner R818 SoC Android Q SDK V1.0, which can lead to a media crash and a denial of service. This is documented across multiple sources (NVD, Red Hat, CVE listing) w...

7.5CVSS7.4AI score0.00789EPSS

CVE•added 2022/01/18 12:43 p.m.•44 views

CVE-2021-38783

CVE-2021-38783 affects the Allwinner R818 SoC Android Q SDK V1.0 camera driver, exposing /dev/cedar_dev to iotcl IOCTL_SET_PROC_INFO and IOCTL_COPY_PROC_INFO. The root cause is an out-of-bounds write in the driver, which can cause a system crash or privilege escalation. Provided documents do not ...

7.8CVSS7.4AI score0.00774EPSS

CVE•added 2022/01/18 1:46 p.m.•43 views

CVE-2021-38785

CVE-2021-38785 describes a NULL pointer dereference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev. The issue can be triggered by the IOCTL_GET_IOMMU_ADDR ioctl, leading to a system crash. The available documents identify the affected component and the crash impact but ...

7.8CVSS7.3AI score0.00776EPSS

Web

CVE•added 2022/01/19 3:23 p.m.•34 views

CVE-2021-38788

The CVE-2021-38788 entry concerns the Allwinner R818 background service in the Android Q SDK v1.0. The vulnerability arises in the service that manages background processes; a malicious app can call the service interface to set the allowed number of background applications to 0 and add itself to ...

7.5CVSS7.3AI score0.00787EPSS