Google Android vulnerabilities

CVE-2022-20394 [MEDIUM] CWE-862 CVE-2022-20394: In getInputMethodWindowVisibleHeight of InputMethodManagerService.java, there is a possible way to d In getInputMethodWindowVisibleHeight of InputMethodManagerService.java, there is a possible way to determine when another app is showing an IME due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Androi

CVE-2022-20351 [MEDIUM] CWE-89 CVE-2022-20351: In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-22477192

CVE-2022-20425 [MEDIUM] CWE-400 CVE-2022-20425: In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performan In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android I

CVE-2022-32589 [HIGH] CWE-404 CVE-2022-32589: In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. Th In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600.

CVE-2022-32591 [HIGH] CWE-20 CVE-2022-32591: In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259.

CVE-2022-39854 [HIGH] CWE-284 CVE-2022-39854: Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure me Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.

CVE-2022-26471 [HIGH] CWE-502 CVE-2022-26471: In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This coul In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121.

CVE-2022-39852 [HIGH] CWE-122 CVE-2022-39852: A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to S A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution.

CVE-2022-39853 [HIGH] CWE-416 CVE-2022-39853: A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault.

CVE-2022-26472 [HIGH] CWE-502 CVE-2022-26472: In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095.

CVE-2022-26475 [MEDIUM] CWE-787 CVE-2022-26475: In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to l In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743.

CVE-2022-32592 [MEDIUM] CWE-787 CVE-2022-32592: In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.

CVE-2022-32593 [MEDIUM] CWE-787 CVE-2022-32593: In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to l In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138493; Issue ID: ALPS07138493.

CVE-2022-32590 [MEDIUM] CWE-754 CVE-2022-32590: In wlan, there is a possible use after free due to an incorrect status check. This could lead to loc In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425.

CVE-2022-39847 [MEDIUM] CWE-416 CVE-2022-39847: Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR O Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.

CVE-2022-26473 [MEDIUM] CWE-667 CVE-2022-26473: In vdec fmt, there is a possible use after free due to improper locking. This could lead to local es In vdec fmt, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342197; Issue ID: ALPS07342197.

CVE-2022-26474 [MEDIUM] CWE-131 CVE-2022-26474: In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07129717; Issue ID: ALPS07129717.

CVE-2022-39855 [MEDIUM] CWE-284 CVE-2022-39855: Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a l Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices.

CVE-2022-39851 [LOW] CWE-284 CVE-2022-39851: Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows l Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.

CVE-2022-39856 [LOW] CWE-200 CVE-2022-39856: Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allo Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.