Google Android vulnerabilities

CVE-2023-20781 [MEDIUM] CWE-787 CVE-2023-20781: In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323.

CVE-2023-20797 [MEDIUM] CWE-787 CVE-2023-20797: In camera middleware, there is a possible out of bounds write due to a missing bounds check. This co In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629582; Issue ID: ALPS07629582.

CVE-2023-20818 [MEDIUM] CWE-125 CVE-2023-20818: In wlan service, there is a possible out of bounds read due to improper input validation. This could In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460540; Issue ID: ALPS07460540.

CVE-2022-40510 [CRITICAL] CVE-2022-40510: Closed-source component Android Security Bulletin 2023-08-01 CVE: CVE-2022-40510 Severity: CRITICAL Component: Closed-source component References: A-268059589 *

CVE-2020-29374 [LOW] CVE-2020-29374: COW Android Security Bulletin 2023-08-01 CVE: CVE-2020-29374 Severity: HIGH Type: EoP Component: COW References: A-174737879 Upstream kernel [2] [3] [4] [5] [6]

CVE-2023-28555 [HIGH] CVE-2023-28555: Closed-source component Android Security Bulletin 2023-08-01 CVE: CVE-2023-28555 Severity: HIGH Component: Closed-source component References: A-280342401 *

CVE-2022-34830 [HIGH] CVE-2022-34830: Mali Android Security Bulletin 2023-08-01 CVE: CVE-2022-34830 Severity: HIGH Component: Mali References: A-227655299 *

CVE-2023-22666 [HIGH] CVE-2023-22666: Closed-source component Android Security Bulletin 2023-08-01 CVE: CVE-2023-22666 Severity: HIGH Component: Closed-source component References: A-280342037 *

CVE-2023-28537 [HIGH] CVE-2023-28537: Closed-source component Android Security Bulletin 2023-08-01 CVE: CVE-2023-28537 Severity: HIGH Component: Closed-source component References: A-280341737 *

CVE-2023-21626 [HIGH] CVE-2023-21626: Closed-source component Android Security Bulletin 2023-08-01 CVE: CVE-2023-21626 Severity: HIGH Component: Closed-source component References: A-268060065 *

CVE-2023-35692 [HIGH] CWE-273 CVE-2023-35692: In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an e In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21250 [CRITICAL] CWE-787 CVE-2023-21250: In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bou In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20918 [CRITICAL] CWE-611 CVE-2023-20918: In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege d In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21251 [HIGH] CWE-20 CVE-2023-21251: In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consen In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

CVE-2023-21248 [HIGH] CWE-862 CVE-2023-21248: In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-35694 [HIGH] CWE-125 CVE-2023-35694: In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a possible out of bounds read due t In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21254 [HIGH] CWE-863 CVE-2023-21254: In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time pe In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time permissions after the app is being killed due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21247 [HIGH] CWE-862 CVE-2023-21247: In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possibl In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21399 [HIGH] CWE-327 CVE-2023-21399: there is a possible way to bypass cryptographic assurances due to a logic error in the code. This co there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21257 [HIGH] CWE-862 CVE-2023-21257: In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.