Google Android vulnerabilities

CVE-2022-39879 [LOW] CWE-285 CVE-2022-39879: Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.

CVE-2022-39887 [LOW] CWE-284 CVE-2022-39887: Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Rel Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.

CVE-2022-39884 [LOW] CWE-284 CVE-2022-39884: Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local at Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.

CVE-2022-32601 [HIGH] CWE-502 CVE-2022-32601: In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132.

CVE-2022-20462 [HIGH] CWE-787 CVE-2022-20462: In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a mi In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android

CVE-2022-20441 [HIGH] CWE-276 CVE-2022-20441: In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10

CVE-2022-20452 [HIGH] CWE-276 CVE-2022-20452: In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code executio In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240138318

CVE-2022-20450 [HIGH] CWE-862 CVE-2022-20450: In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass us In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 And

CVE-2022-20451 [HIGH] CWE-862 CVE-2022-20451: In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a m In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Androi

CVE-2022-20445 [HIGH] CWE-1284 CVE-2022-20445: In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to imp In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13An

CVE-2022-32614 [MEDIUM] CWE-415 CVE-2022-32614: In audio, there is a possible memory corruption due to a logic error. This could lead to local escal In audio, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310571; Issue ID: ALPS07310571.

CVE-2022-20414 [MEDIUM] CWE-755 CVE-2022-20414: In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Andr

CVE-2022-32616 [MEDIUM] CWE-908 CVE-2022-32616: In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; Issue ID: ALPS07341258.

CVE-2022-20448 [MEDIUM] CWE-276 CVE-2022-20448: In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data acr In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-

CVE-2022-20447 [MEDIUM] CWE-416 CVE-2022-20447: In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233604485

CVE-2022-32605 [MEDIUM] CWE-787 CVE-2022-32605: In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07213898; Issue ID: ALPS07213898.

CVE-2022-21778 [MEDIUM] CWE-125 CVE-2022-21778: In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.

CVE-2022-20454 [MEDIUM] CWE-190 CVE-2022-20454: In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This c In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242096164

CVE-2022-32617 [MEDIUM] CWE-131 CVE-2022-32617: In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. Th In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262364; Issue ID: ALPS07262364.

CVE-2022-32608 [MEDIUM] CWE-367 CVE-2022-32608: In jpeg, there is a possible use after free due to a race condition. This could lead to local escala In jpeg, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388753; Issue ID: ALPS07388753.