Android
by Google
CVEs (4,717)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-9463 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9462 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9439 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for… | ||
| CVE-2018-9416 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9404 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In oemCallback of ril.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9403 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_- interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed.… | ||
| CVE-2018-9400 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In gt1x_debug_write_proc and gt1x_tool_write of drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution… | ||
| CVE-2018-9399 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In /proc/driver/wmt_dbg driver, there are several possible out of bounds writes. These could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9398 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In fm_set_stat of mediatek FM radio driver, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9397 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9396 | Med | 0.44 | 6.7 | 0.00 | Dec 4, 2024 | In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed… | ||
| CVE-2018-9395 | Med | 0.44 | 6.7 | 0.00 | Dec 4, 2024 | In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System… | ||
| CVE-2018-9394 | Med | 0.44 | 6.7 | 0.00 | Dec 4, 2024 | In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for… | ||
| CVE-2018-9393 | Med | 0.44 | 6.7 | 0.00 | Dec 4, 2024 | In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for… | ||
| CVE-2018-9392 | Med | 0.44 | 6.7 | 0.00 | Dec 4, 2024 | In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is… | ||
| CVE-2018-9376 | Med | 0.44 | 6.7 | 0.00 | Dec 2, 2024 | In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not… | ||
| CVE-2017-13311 | Med | 0.44 | 6.7 | 0.00 | Nov 15, 2024 | In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges… | ||
| CVE-2024-29783 | Med | 0.44 | 6.7 | 0.00 | Apr 5, 2024 | In tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-25987 | Med | 0.44 | 6.7 | 0.00 | Mar 11, 2024 | In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-0044 | Med | 0.44 | 6.7 | 0.01 | Mar 11, 2024 | In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
- risk 0.44cvss 6.7epss 0.00
In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.7epss 0.00
In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In oemCallback of ril.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_- interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed.…
- risk 0.44cvss 6.7epss 0.00
In gt1x_debug_write_proc and gt1x_tool_write of drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution…
- risk 0.44cvss 6.7epss 0.00
In /proc/driver/wmt_dbg driver, there are several possible out of bounds writes. These could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In fm_set_stat of mediatek FM radio driver, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
- risk 0.44cvss 6.7epss 0.00
In mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System…
- risk 0.44cvss 6.7epss 0.00
In mtk_p2p_wext_set_key of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_p2p.c, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.7epss 0.00
In procfile_write of drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_proc.c, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.7epss 0.00
In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is…
- risk 0.44cvss 6.7epss 0.00
In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not…
- risk 0.44cvss 6.7epss 0.00
In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges…
- risk 0.44cvss 6.7epss 0.00
In tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.01
In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Page 138 of 236