Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs: 9,646
CISA KEV: 48 (actively exploited)
Public exploits: 89
Exploited in wild: 44
Severity breakdown: CRITICAL 883, HIGH 5184, MEDIUM 3317, LOW 260, UNKNOWN 2
Vulnerabilities
CVE-2022-20485 [HIGH] CVSS 7.8 | CWE-770 | v10.0, v11.0, +4 more | 2022-12-13
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-1
nvd, android
CVE-2022-20442 [HIGH] CVSS 7.3 | CWE-1021 | v10.0, v11.0, +2 more | 2022-12-13
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Andro
nvd, android
CVE-2022-20476 [MEDIUM] CVSS 5.5 | CWE-835 | v10.0, v11.0, +3 more | 2022-12-13
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-1
nvd, android
CVE-2022-20498 [MEDIUM] CVSS 4.4 | CWE-125 | v10.0, v11.0, +4 more | 2022-12-13
In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-246465
nvd, android
CVE-2022-20449 [MEDIUM] CVSS 4.4 | CWE-22 | v10.0, v11.0, +3 more | 2022-12-13
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-1
nvd, android
CVE-2021-0934 [MEDIUM] CVSS 5.5 | CWE-1284 | v10.0, v11.0, +4 more | 2022-12-13
In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-169762606
nvd, android
CVE-2022-20496 [MEDIUM] CVSS 5.5 | CWE-416 | v12.0, v12.1, +2 more | 2022-12-13
In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L Android-13. Android ID: A-245242273
nvd, android
CVE-2022-20468 [MEDIUM] CVSS 6.5 | CWE-125 | v10.0, v11.0, +3 more | 2022-12-13
In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. An
nvd, android
CVE-2022-20502 [MEDIUM] CVSS 5.5 | CWE-416 | v13.0, Android-13 | 2022-12-13
In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-222166527
nvd, android
CVE-2022-20497 [MEDIUM] CVSS 4.6 | CWE-200 | v12.0, v12.1, +2 more | 2022-12-13
In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the lockscreen, with no additional execution privileges needed. U
nvd, android
CVE-2022-20482 [MEDIUM] CVSS 5.5 | CWE-400 | v12.0, v12.1, +2 more | 2022-12-13
In createNotificationChannel of NotificationManager.java, there is a possible way to make the device unusable and require factory reset due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L
nvd, android
CVE-2022-20500 [MEDIUM] CVSS 5.5 | CWE-755 | v10.0, v11.0, +4 more | 2022-12-13
In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-246540168
nvd, android
CVE-2022-20466 [MEDIUM] CVSS 5.5 | CWE-1188 | v10.0, v11.0, +3 more | 2022-12-13
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: And
nvd, android
CVE-2022-20471 [MEDIUM] CVSS 5.5 | CWE-125 | v11.0, v12.0, +3 more | 2022-12-13
In SendIncDecRestoreCmdPart2 of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12 Android-12L Android-13. Android ID: A-2381
nvd, android
CVE-2022-20240 [LOW] CVSS 2.3 | CWE-862 | v12.0, Android-12 Android-12L | 2022-12-13
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-231496105
nvd, android
CVE-2022-39907 [HIGH] CVSS 7.8 | CWE-190 | v10.0, v11.0, +2 more | 2022-12-08
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
nvd
CVE-2022-39908 [HIGH] CVSS 7.4 | CWE-367 | v10.0, v11.0, +2 more | 2022-12-08
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
nvd
CVE-2022-39897 [MEDIUM] CVSS 5.5 | CWE-200 | v10.0, v11.0, +1 more | 2022-12-08
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
nvd
CVE-2022-39900 [MEDIUM] CVSS 4.6 | CWE-284 | v11.0, v12.0, +1 more | 2022-12-08
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
nvd
CVE-2022-39905 [MEDIUM] CVSS 5.5 | CWE-285 | v10.0, v11.0, +2 more | 2022-12-08
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
nvd