Google Android vulnerabilities

CVE-2023-20782 [MEDIUM] CVE-2023-20782: In keyinstall, there is a possible information disclosure due to a missing bounds check. This could In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103.

CVE-2023-20807 [MEDIUM] CWE-787 CVE-2023-20807: In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433.

CVE-2023-20796 [MEDIUM] CWE-787 CVE-2023-20796: In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.

CVE-2022-47350 [MEDIUM] CWE-125 CVE-2022-47350: In camera driver, there is a possible out of bounds read due to a missing bounds check. This could l In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-33912 [MEDIUM] CWE-862 CVE-2023-33912: In Contacts service, there is a possible missing permission check.This could lead to local informati In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-20786 [MEDIUM] CWE-787 CVE-2023-20786: In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811.

CVE-2023-20806 [MEDIUM] CWE-787 CVE-2023-20806: In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07537437.

CVE-2023-20816 [MEDIUM] CWE-787 CVE-2023-20816: In wlan service, there is a possible out of bounds write due to improper input validation. This coul In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453589; Issue ID: ALPS07453589.

CVE-2023-20813 [MEDIUM] CWE-125 CVE-2023-20813: In wlan service, there is a possible out of bounds read due to improper input validation. This could In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453549; Issue ID: ALPS07453549.

CVE-2023-20802 [MEDIUM] CWE-787 CVE-2023-20802: In imgsys, there is a possible memory corruption due to improper input validation. This could lead t In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976.

CVE-2023-20811 [MEDIUM] CWE-787 CVE-2023-20811: In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061.

CVE-2023-33909 [MEDIUM] CWE-862 CVE-2023-33909: In Contacts service, there is a possible missing permission check.This could lead to local informati In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-33907 [MEDIUM] CWE-862 CVE-2023-33907: In Contacts Service, there is a possible missing permission check. This could lead to local informat In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

CVE-2023-33911 [MEDIUM] CWE-862 CVE-2023-33911: In vowifi service, there is a possible missing permission check.This could lead to local information In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-20808 [MEDIUM] CWE-787 CVE-2023-20808: In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03645895; Issue ID: DTV03645895.

CVE-2023-20785 [MEDIUM] CWE-367 CVE-2023-20785: In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524.

CVE-2023-20787 [MEDIUM] CWE-367 CVE-2023-20787: In thermal, there is a possible use after free due to a race condition. This could lead to local esc In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648734.

CVE-2023-33906 [MEDIUM] CWE-862 CVE-2023-33906: In Contacts Service, there is a possible missing permission check.This could lead to local informati In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

CVE-2023-20805 [MEDIUM] CWE-787 CVE-2023-20805: In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411.

CVE-2023-20793 [MEDIUM] CWE-787 CVE-2023-20793: In apu, there is a possible memory corruption due to a missing bounds check. This could lead to loca In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767818; Issue ID: ALPS07767818.