Google Android vulnerabilities

CVE-2022-25821 [HIGH] CWE-125 CVE-2022-25821: Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB re Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read.

CVE-2022-24931 [HIGH] CWE-269 CVE-2022-24931: Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Rele Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission

CVE-2022-25814 [HIGH] CWE-276 CVE-2022-25814: PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.

CVE-2022-20054 [HIGH] CWE-862 CVE-2022-20054: In ims service, there is a possible AT command injection due to a missing permission check. This cou In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083.

CVE-2022-25815 [HIGH] CWE-276 CVE-2022-25815: PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.

CVE-2022-25819 [MEDIUM] CWE-125 CVE-2022-25819: OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to vie OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory.

CVE-2022-20057 [MEDIUM] CWE-755 CVE-2022-20057: In btif, there is a possible memory corruption due to incorrect error handling. This could lead to l In btif, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06271186; Issue ID: ALPS06271186.

CVE-2022-20049 [MEDIUM] CWE-862 CVE-2022-20049: In vpu, there is a possible escalation of privilege due to a missing permission check. This could le In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679.

CVE-2022-25822 [MEDIUM] CWE-362 CVE-2022-25822: An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash. An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.

CVE-2022-25820 [MEDIUM] CWE-307 CVE-2022-25820: A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physica A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password.

CVE-2022-20055 [MEDIUM] CWE-787 CVE-2022-20055: In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This coul In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830.

CVE-2022-20059 [MEDIUM] CWE-787 CVE-2022-20059: In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This coul In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781.

CVE-2022-20056 [MEDIUM] CWE-787 CVE-2022-20056: In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This coul In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820.

CVE-2022-20050 [MEDIUM] CWE-59 CVE-2022-20050: In connsyslogger, there is a possible symbolic link following due to improper link resolution. This In connsyslogger, there is a possible symbolic link following due to improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06335038; Issue ID: ALPS06335038.

CVE-2022-20051 [MEDIUM] CWE-269 CVE-2022-20051: In ims service, there is a possible unexpected application behavior due to incorrect privilege assig In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127.

CVE-2022-25816 [MEDIUM] CWE-287 CVE-2022-25816: Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication

CVE-2022-20058 [MEDIUM] CWE-787 CVE-2022-20058: In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This coul In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485.

CVE-2022-24932 [MEDIUM] CWE-424 CVE-2022-24932: Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Re Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard.

CVE-2022-20060 [MEDIUM] CWE-306 CVE-2022-20060: In preloader (usb), there is a possible permission bypass due to a missing proper image authenticati In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06137462.

CVE-2022-25817 [LOW] CWE-287 CVE-2022-25817: Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate p Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent.