• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-119

CVE-2022-20507

February 23, 2023 by

In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246649179

CVE-2022-20385

February 23, 2023 by

a function called ‘nla_parse’, do not check the len of para, it will check nla_type (which can be controlled by userspace) with ‘maxtype’ (in this case, it is GSCAN_MAX), then it access polciy array ‘policy[type]’, which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819

CVE-2022-20235

February 23, 2023 by

The PowerVR GPU kernel driver maintains an “Information Page” used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780

CVE-2022-20236

February 23, 2023 by

A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709

CVE-2022-20238

February 23, 2023 by

‘remap_pfn_range’ here may map out of size kernel memory (for example, may map the kernel area), and because the ‘vma->vm_page_prot’ can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555

CVE-2022-20064

February 23, 2023 by

In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 445
  • Go to page 446
  • Go to page 447
  • Go to page 448
  • Go to page 449
  • Interim pages omitted …
  • Go to page 452
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE