Google Android vulnerabilities

CVE-2023-20817 [MEDIUM] CWE-787 CVE-2023-20817: In wlan service, there is a possible out of bounds write due to improper input validation. This coul In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453600; Issue ID: ALPS07453600.

CVE-2023-20789 [MEDIUM] CVE-2023-20789: In jpeg, there is a possible information disclosure due to a missing bounds check. This could lead t In jpeg, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07693193; Issue ID: ALPS07693193.

CVE-2023-33910 [MEDIUM] CWE-862 CVE-2023-33910: In Contacts Service, there is a possible missing permission check.This could lead to local informati In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2022-47351 [MEDIUM] CWE-125 CVE-2022-47351: In camera driver, there is a possible out of bounds read due to a missing bounds check. This could l In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-20814 [MEDIUM] CWE-787 CVE-2023-20814: In wlan service, there is a possible out of bounds write due to improper input validation. This coul In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453560; Issue ID: ALPS07453560.

CVE-2023-20815 [MEDIUM] CWE-787 CVE-2023-20815: In wlan service, there is a possible out of bounds write due to improper input validation. This coul In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453587; Issue ID: ALPS07453587.

CVE-2023-20798 [MEDIUM] CWE-125 CVE-2023-20798: In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07147572; Issue ID: ALPS07421076.

CVE-2023-20812 [MEDIUM] CWE-787 CVE-2023-20812: In wlan driver, there is a possible out of bounds write due to improper input validation. This could In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.

CVE-2023-20810 [MEDIUM] CVE-2023-20810: In IOMMU, there is a possible information disclosure due to improper input validation. This could le In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.

CVE-2023-20804 [MEDIUM] CWE-787 CVE-2023-20804: In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384.

CVE-2023-20809 [MEDIUM] CWE-787 CVE-2023-20809: In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to l In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03751198; Issue ID: DTV03751198.

CVE-2023-33908 [MEDIUM] CWE-862 CVE-2023-33908: In ims service, there is a possible missing permission check. This could lead to local information d In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

CVE-2023-20801 [MEDIUM] CWE-362 CVE-2023-20801: In imgsys, there is a possible use after free due to a race condition. This could lead to local esca In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968.

CVE-2023-20780 [MEDIUM] CVE-2023-20780: In keyinstall, there is a possible information disclosure due to a missing bounds check. This could In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756.

CVE-2023-20783 [MEDIUM] CWE-787 CVE-2023-20783: In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lea In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905.

CVE-2023-20795 [MEDIUM] CWE-787 CVE-2023-20795: In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900.

CVE-2023-20800 [MEDIUM] CWE-863 CVE-2023-20800: In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local esca In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955.

CVE-2023-20790 [MEDIUM] CWE-787 CVE-2023-20790: In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.

CVE-2023-20788 [MEDIUM] CWE-367 CVE-2023-20788: In thermal, there is a possible use after free due to a race condition. This could lead to local esc In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735.

CVE-2023-20803 [MEDIUM] CWE-787 CVE-2023-20803: In imgsys, there is a possible memory corruption due to improper input validation. This could lead t In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374.