VYPR

Android kernel

by Google

CVEs (55)

  • CVE-2023-21066CriJun 28, 2023
    risk 0.64cvss 9.8epss 0.01

    In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21058CriMar 24, 2023
    risk 0.64cvss 9.8epss 0.00

    In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21057CriMar 24, 2023
    risk 0.64cvss 9.8epss 0.00

    In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21149HigJun 28, 2023
    risk 0.51cvss 7.8epss 0.00

    In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2023-21147HigJun 28, 2023
    risk 0.51cvss 7.8epss 0.00

    In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21102HigMay 15, 2023
    risk 0.51cvss 7.8epss 0.00

    In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21041HigMar 24, 2023
    risk 0.51cvss 7.8epss 0.00

    In append_to_params of param_util.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-20938HigFeb 28, 2023
    risk 0.51cvss 7.8epss 0.00

    In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-20928HigJan 26, 2023
    risk 0.51cvss 7.8epss 0.00

    In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-20925HigJan 26, 2023
    risk 0.51cvss 7.8epss 0.00

    In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21226HigJun 28, 2023
    risk 0.49cvss 7.5epss 0.00

    In SAEMM_RetrieveTaiList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21223HigJun 28, 2023
    risk 0.49cvss 7.5epss 0.00

    In LPP_ConvertGNSS_DataBitAssistance of LPP_CommonUtil.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21060HigMar 24, 2023
    risk 0.49cvss 7.5epss 0.00

    In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21059HigMar 24, 2023
    risk 0.49cvss 7.5epss 0.00

    In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21053HigMar 24, 2023
    risk 0.49cvss 7.5epss 0.00

    In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21054HigMar 24, 2023
    risk 0.47cvss 7.2epss 0.01

    In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21236MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In aoc_service_set_read_blocked of aoc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21222MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In load_dt_data of storage.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21161MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21159MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

Page 1 of 3