Google Android vulnerabilities

CVE-2023-21199 [MEDIUM] CWE-125 CVE-2023-21199: In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing boun In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961

CVE-2023-21205 [MEDIUM] CWE-502 CVE-2023-21205: In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245376

CVE-2023-21208 [MEDIUM] CWE-125 CVE-2023-21208: In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper i In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254

CVE-2023-21237 [MEDIUM] CWE-200 CVE-2023-21237: In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground s In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A

CVE-2023-21204 [MEDIUM] CWE-125 CVE-2023-21204: In multiple files, there is a possible out of bounds read due to a missing bounds check. This could In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262246231

CVE-2023-21210 [MEDIUM] CWE-125 CVE-2023-21210: In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to imp In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236331

CVE-2023-21190 [MEDIUM] CVE-2023-21190: In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off enc In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13

CVE-2023-21176 [MEDIUM] CWE-400 CVE-2023-21176: In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335

CVE-2023-21130 [CRITICAL] CWE-125 CVE-2023-21130: In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due t In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273502002

CVE-2023-21138 [HIGH] CWE-20 CVE-2023-21138: In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L

CVE-2023-21115 [HIGH] CWE-327 CVE-2023-21115: In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-2

CVE-2023-21121 [HIGH] CWE-20 CVE-2023-21121: In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12An

CVE-2023-21108 [HIGH] CWE-416 CVE-2023-21108: In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use aft In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Andr

CVE-2023-21122 [HIGH] CWE-862 CVE-2023-21122: In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEAT In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android

CVE-2023-21131 [HIGH] CWE-639 CVE-2023-21131: In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of P In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for e

CVE-2023-21124 [HIGH] CWE-502 CVE-2023-21124: In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265798353

CVE-2023-21135 [HIGH] CWE-20 CVE-2023-21135: In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Andro

CVE-2023-21129 [HIGH] CWE-276 CVE-2023-21129: In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible a In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Andr

CVE-2023-21123 [HIGH] CWE-862 CVE-2023-21123: In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FE In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Andro

CVE-2023-21128 [HIGH] CWE-276 CVE-2023-21128: In various functions of AppStandbyController.java, there is a possible way to break manageability sc In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Androi