Google Andrioid vulnerabilities

CVE-2023-21270 [HIGH] CWE-863 CVE-2023-21270: In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app t In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9365 [HIGH] CWE-125 CVE-2018-9365: In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code executio In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.