Google Android vulnerabilities

CVE-2022-20022 [MEDIUM] CVE-2022-20022: In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a con In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06

CVE-2022-20019 [MEDIUM] CWE-20 CVE-2022-20019: In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. Thi In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917620; Issue ID: ALPS05917620.

CVE-2022-20016 [MEDIUM] CWE-667 CVE-2022-20016: In vow driver, there is a possible memory corruption due to improper locking. This could lead to loc In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862986; Issue ID: ALPS05862986.

CVE-2022-20013 [MEDIUM] CWE-367 CVE-2022-20013: In vow driver, there is a possible memory corruption due to a race condition. This could lead to loc In vow driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05837742.

CVE-2022-20018 [MEDIUM] CWE-908 CVE-2022-20018: In seninf driver, there is a possible information disclosure due to uninitialized data. This could l In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018.

CVE-2022-20020 [MEDIUM] CWE-20 CVE-2022-20020: In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This coul In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906.

CVE-2022-20021 [MEDIUM] CVE-2022-20021: In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the re In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513.

CVE-2021-30285 [CRITICAL] CVE-2021-30285: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30285 Severity: CRITICAL Component: Closed-source component References: A-193070555 *

CVE-2021-31345 [HIGH] CVE-2021-31345: Modem (Nucleus NET TCP/IP) Android Security Bulletin 2022-01-01 CVE: CVE-2021-31345 Severity: HIGH Component: Modem (Nucleus NET TCP/IP) References: A-207693368 M- MOLY00756840 *

CVE-2021-40148 [HIGH] CVE-2021-40148: Modem EMM Android Security Bulletin 2022-01-01 CVE: CVE-2021-40148 Severity: HIGH Component: Modem EMM References: A-204728248 M-MOLY00716585 *

CVE-2021-30353 [HIGH] CVE-2021-30353: Audio Android Security Bulletin 2022-01-01 CVE: CVE-2021-30353 Severity: HIGH Component: Audio References: A-202025599 QC-CR#2993069 [2]

CVE-2021-30300 [HIGH] CVE-2021-30300: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30300 Severity: HIGH Component: Closed-source component References: A-193071116 *

CVE-2021-30307 [HIGH] CVE-2021-30307: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30307 Severity: HIGH Component: Closed-source component References: A-193070700 *

CVE-2021-30301 [HIGH] CVE-2021-30301: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30301 Severity: HIGH Component: Closed-source component References: A-193070342 *

CVE-2021-1049 [CRITICAL] CVE-2021-1049: slogmodem Android Security Bulletin 2022-01-01 CVE: CVE-2021-1049 Severity: HIGH Component: slogmodem References: A-204256722 U-1733219 *

CVE-2021-30308 [HIGH] CVE-2021-30308: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30308 Severity: HIGH Component: Closed-source component References: A-193070594 *

CVE-2021-30287 [HIGH] CVE-2021-30287: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30287 Severity: HIGH Component: Closed-source component References: A-193070556 *

CVE-2021-39633 [MEDIUM] CVE-2021-39633: Kernel Android Security Bulletin 2022-01-01 CVE: CVE-2021-39633 Severity: HIGH Type: ID Component: Kernel References: A-150694665 Upstream kernel

CVE-2021-30311 [HIGH] CVE-2021-30311: Closed-source component Android Security Bulletin 2022-01-01 CVE: CVE-2021-30311 Severity: HIGH Component: Closed-source component References: A-193070557 *

CVE-2021-30319 [HIGH] CVE-2021-30319: WLAN Android Security Bulletin 2022-01-01 CVE: CVE-2021-30319 Severity: HIGH Component: WLAN References: A-202025735 QC-CR#2960714