Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs: 9,646
CISA KEV: 48 (actively exploited)
Public exploits: 89
Exploited in wild: 44
Severity breakdown: CRITICAL 883, HIGH 5184, MEDIUM 3317, LOW 260, UNKNOWN 2
Vulnerabilities
Page 216 of 483
CVE-2021-35075 | HIGH | CVSS 8.4 | 2022-02-01
CVE-2021-35075 [HIGH] CVE-2021-35075: Kernel
Android Security Bulletin 2022-02-01
CVE: CVE-2021-35075
Severity: HIGH
Component: Kernel
References: A-204905325, QC-CR#2998149
android
CVE-2021-30318 | HIGH | CVSS 8.4 | 2022-02-01
CVE-2021-30318 [HIGH] CVE-2021-30318: Closed-source component
Android Security Bulletin 2022-02-01
CVE: CVE-2021-30318
Severity: HIGH
Component: Closed-source component
References: A-202025316*
android
CVE-2021-35069 | HIGH | CVSS 7.8 | 2022-02-01
CVE-2021-35069 [HIGH] CVE-2021-35069: WLAN
Android Security Bulletin 2022-02-01
CVE: CVE-2021-35069
Severity: HIGH
Component: WLAN
References: A-203032261, QC-CR#3001191
android
CVE-2021-39616 | HIGH | CVSS 9.8 | 2022-02-01
CVE-2021-39616 [CRITICAL] CVE-2021-39616: sprd-vowifi
Android Security Bulletin 2022-02-01
CVE: CVE-2021-39616
Severity: HIGH
Component: sprd-vowifi
References: A-204686438, U-1704529*
android
CVE-2021-30323 | HIGH | CVSS 7.8 | 2022-02-01
CVE-2021-30323 [HIGH] CVE-2021-30323: Closed-source component
Android Security Bulletin 2022-02-01
CVE: CVE-2021-30323
Severity: HIGH
Component: Closed-source component
References: A-195750446*
android
CVE-2021-35077 | HIGH | CVSS 8.4 | 2022-02-01
CVE-2021-35077 [HIGH] CVE-2021-35077: Kernel
Android Security Bulletin 2022-02-01
CVE: CVE-2021-35077
Severity: HIGH
Component: Kernel
References: A-204904989, QC-CR#3007135
android
CVE-2021-30322 | HIGH | CVSS 7.8 | 2022-02-01
CVE-2021-30322 [HIGH] CVE-2021-30322: Closed-source component
Android Security Bulletin 2022-02-01
CVE: CVE-2021-30322
Severity: HIGH
Component: Closed-source component
References: A-195751178*
android
CVE-2021-39658 | HIGH | CVSS 9.8 | 2022-02-01
CVE-2021-39658 [CRITICAL] CVE-2021-39658: IsmsEx
Android Security Bulletin 2022-02-01
CVE: CVE-2021-39658
Severity: HIGH
Component: IsmsEx
References: A-207479207, U-1732729*
android
CVE-2022-23728 | MEDIUM | CVSS 6.1 | fixed in 11.0 | 2022-01-21
CVE-2022-23728 [MEDIUM] CWE-684
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.
nvd
CVE-2021-39623 | CRITICAL | CVSS 9.8 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-39623 [CRITICAL] CWE-787
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android-12 Android-9
Android ID: A-19410534
nvd, android
CVE-2021-39630 | HIGH | CVSS 7.8 | v12.0, vAndroid-12 | 2022-01-14
CVE-2021-39630 [HIGH] CWE-863
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-12
Android ID: A-202768292
nvd, android
CVE-2021-0959 | HIGH | CVSS 7.8 | v12.0, vAndroid-12 | 2022-01-14
CVE-2021-0959 [HIGH]
In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-12
Android ID: A-200284993
nvd, android
CVE-2021-39626 | HIGH | CVSS 7.8 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-39626 [HIGH] CWE-610
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android-12 Android-9
nvd, android
CVE-2021-39627 | HIGH | CVSS 7.8 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-39627 [HIGH] CWE-732
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android-12 Android-9
Android ID: A
nvd, android
CVE-2021-39632 | HIGH | CVSS 7.8 | v11.0, v12.0 +1 more | 2022-01-14
CVE-2021-39632 [HIGH] CWE-787
In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-11 Android-12
Android ID: A-202159709
nvd, android
CVE-2021-1036 | HIGH | CVSS 7.8 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-1036 [HIGH] CWE-1021
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android-12 Android-9
Android ID: A-182812255
nvd
CVE-2021-39625 | HIGH | CVSS 7.3 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-39625 [HIGH]
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android
nvd, android
CVE-2021-39618 | HIGH | CVSS 7.8 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-39618 [HIGH]
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android-12 Androi
nvd, android
CVE-2021-39621 | HIGH | CVSS 7.8 | v9.0, v10.0 +3 more | 2022-01-14
CVE-2021-39621 [HIGH] CWE-732
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-10 Android-11 Android-12 Android-9
Android ID: A
nvd, android
CVE-2021-1035 | HIGH | CVSS 7.8 | v10.0, v12.0 +1 more | 2022-01-14
CVE-2021-1035 [HIGH] CWE-610
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-10 Android-12A
nvd