CVE's - CVE Vulnerability

CVE

Vendors

Products

Updated

CVSS v2

CVSS v3

CVE-2022-20578

2022-12-21

N/A

6.7 MEDIUM

In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509749References: N/A

CVE-2022-20577

2022-12-21

N/A

6.7 MEDIUM

In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762281References: N/A

CVE-2022-20576

2022-12-21

N/A

6.7 MEDIUM

In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239701761References: N/A

CVE-2022-20575

2022-12-21

N/A

5.5 MEDIUM

In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237585040References: N/A

CVE-2022-20574

2022-12-21

N/A

5.5 MEDIUM

In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A

CVE-2022-20572

2022-12-21

N/A

6.7 MEDIUM

In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel

CVE-2022-20571

2022-12-21

N/A

6.7 MEDIUM

In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel

CVE-2022-20570

2022-12-20

N/A

5.5 MEDIUM

Product: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A

CVE-2022-2057

2023-02-23

N/A

6.5 MEDIUM

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

CVE-2022-20569

2022-12-21

N/A

6.7 MEDIUM

In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A

« Previous 1 … 10,844 10,845 10,846 10,847 10,848 … 11,258 Next »