Google Android vulnerabilities

CVE-2022-20541 [MEDIUM] CWE-125 CVE-2022-20541: In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing boun In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238083126

CVE-2022-20517 [MEDIUM] CWE-89 CVE-2022-20517: In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224769956

CVE-2022-20199 [MEDIUM] CWE-610 CVE-2022-20199: In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confus In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199291025

CVE-2022-20549 [MEDIUM] CWE-787 CVE-2022-20549: In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrec In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242702451

CVE-2022-20527 [MEDIUM] CWE-125 CVE-2022-20527: In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds che In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229994861

CVE-2022-20544 [MEDIUM] CWE-862 CVE-2022-20544: In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner res In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238745070

CVE-2022-20557 [MEDIUM] CWE-125 CVE-2022-20557: In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing b In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-247092734

CVE-2022-20558 [LOW] CWE-863 CVE-2022-20558: In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred T In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236264289

CVE-2022-20526 [LOW] CWE-787 CVE-2022-20526: In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missin In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742774

CVE-2022-20533 [LOW] CWE-862 CVE-2022-20533: In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232798363

CVE-2022-20525 [LOW] CWE-209 CVE-2022-20525: In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual v In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-22974276

CVE-2022-20519 [LOW] CWE-862 CVE-2022-20519: In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure Wi In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772678

CVE-2022-20536 [LOW] CWE-862 CVE-2022-20536: In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mod In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180

CVE-2022-20528 [LOW] CWE-125 CVE-2022-20528: In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230172711

CVE-2022-20537 [LOW] CWE-862 CVE-2022-20537: In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable loc In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: And

CVE-2022-20535 [LOW] CWE-203 CVE-2022-20535: In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: An

CVE-2022-20529 [LOW] CWE-862 CVE-2022-20529: In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231583603

CVE-2022-20543 [LOW] CWE-1284 CVE-2022-20543: In multiple locations, there is a possible display crash loop due to improper input validation. This In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261

CVE-2022-20559 [LOW] CWE-203 CVE-2022-20559: In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whethe In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android

CVE-2022-20556 [LOW] CWE-862 CVE-2022-20556: In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the g In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13An