Google Android vulnerabilities

CVE-2023-38554 [MEDIUM] CWE-787 CVE-2023-38554: In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges

CVE-2023-38438 [MEDIUM] CWE-862 CVE-2023-38438: In vowifiservice, there is a possible missing permission check.This could lead to local information In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-20839 [MEDIUM] CWE-125 CVE-2023-20839: In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.

CVE-2023-38436 [MEDIUM] CWE-862 CVE-2023-38436: In vowifiservice, there is a possible missing permission check.This could lead to local information In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-38468 [MEDIUM] CWE-787 CVE-2023-38468: In urild service, there is a possible out of bounds write due to a missing bounds check. This could In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-32809 [MEDIUM] CVE-2023-32809: In bluetooth driver, there is a possible read and write access to registers due to improper access c In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753.

CVE-2023-20846 [MEDIUM] CWE-125 CVE-2023-20846: In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This c In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.

CVE-2023-32815 [MEDIUM] CWE-125 CVE-2023-32815: In gnss service, there is a possible out of bounds read due to improper input validation. This could In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.

CVE-2023-20838 [MEDIUM] CWE-125 CVE-2023-20838: In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.

CVE-2022-47352 [MEDIUM] CWE-125 CVE-2022-47352: In camera driver, there is a possible out of bounds read due to a missing bounds check. This could l In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2022-48452 [MEDIUM] CWE-862 CVE-2022-48452: In Ifaa service, there is a possible missing permission check. This could lead to local denial of se In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed

CVE-2023-38440 [MEDIUM] CWE-862 CVE-2023-38440: In vowifiservice, there is a possible missing permission check.This could lead to local information In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-20844 [MEDIUM] CWE-125 CVE-2023-20844: In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This c In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121.

CVE-2023-38437 [MEDIUM] CWE-862 CVE-2023-38437: In vowifiservice, there is a possible missing permission check.This could lead to local information In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-38553 [MEDIUM] CWE-787 CVE-2023-38553: In gnss service, there is a possible out of bounds write due to a missing bounds check. This could l In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed

CVE-2023-38454 [MEDIUM] CWE-862 CVE-2023-38454: In vowifi service, there is a possible missing permission check.This could lead to local information In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-33918 [MEDIUM] CWE-862 CVE-2023-33918: In vowifiservice, there is a possible missing permission check.This could lead to local information In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-38441 [MEDIUM] CWE-862 CVE-2023-38441: In vowifiservice, there is a possible missing permission check.This could lead to local information In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-20823 [MEDIUM] CWE-125 CVE-2023-20823: In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592.

CVE-2023-32816 [MEDIUM] CWE-125 CVE-2023-32816: In gnss service, there is a possible out of bounds read due to improper input validation. This could In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032.