Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs: 9,646
CISA KEV: 48 (actively exploited)
Public exploits: 89
Exploited in wild: 44
Severity breakdown: CRITICAL 883, HIGH 5184, MEDIUM 3317, LOW 260, UNKNOWN 2
Vulnerabilities
Page 222 of 483
CVE-2021-0675 | HIGH | CVSS 7.8 | CWE-787 | v8.1, v9.0, +2 more | 2021-12-15
In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258.
Sources: nvd, android
CVE-2021-1040 | HIGH | CVSS 7.8 | CWE-1021 | v9.0, v10.0, +3 more | 2021-12-15
In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-9; Android ID: A-182810085
Sources: nvd
CVE-2021-0955 | HIGH | CVSS 7.0 | CWE-362 | v11.0, vAndroid-11 | 2021-12-15
In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-192085766
Sources: nvd, android
CVE-2021-1020 | HIGH | CVSS 7.3 | CWE-20 | v12.0, vAndroid-12 | 2021-12-15
In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-195111725
Sources: nvd
CVE-2021-1022 | HIGH | CVSS 7.5 | CWE-476 | v12.0, vAndroid-12 | 2021-12-15
In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-180420059
Sources: nvd
CVE-2021-0971 | MEDIUM | CVSS 6.5 | CWE-787 | v9.0, v10.0, +3 more | 2021-12-15
In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-9; Android ID: A-188893559
Sources: nvd, android
CVE-2021-1010 | MEDIUM | CVSS 5.5 | CWE-862 | v12.0, vAndroid-12 | 2021-12-15
In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-189857801
Sources: nvd
CVE-2021-0904 | MEDIUM | CVSS 6.7 | CWE-732 | v8.1, v9.0, +2 more | 2021-12-15
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938.
Sources: nvd, android
CVE-2021-0964 | MEDIUM | CVSS 6.5 | CWE-681 | v9.0, v10.0, +3 more | 2021-12-15
In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-9; Android ID: A-193363621
Sources: nvd, android
CVE-2021-0977 | MEDIUM | CVSS 6.7 | CWE-787 | v12.0, vAndroid-12 | 2021-12-15
In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-183487770
Sources: nvd
CVE-2021-1030 | MEDIUM | CVSS 5.5 | CWE-203 | v12.0, vAndroid-12 | 2021-12-15
In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Sources: nvd
CVE-2021-0993 | MEDIUM | CVSS 6.5 | v12.0, vAndroid-12 | 2021-12-15
In getOffsetBeforeAfter of TextLine.java, there is a possible denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-193849901
Sources: nvd
CVE-2021-1006 | MEDIUM | CVSS 4.4 | CWE-1021 | v12.0, vAndroid-12 | 2021-12-15
In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-183961974
Sources: nvd
CVE-2021-1007 | MEDIUM | CVSS 4.4 | CWE-125 | v12.0, vAndroid-12 | 2021-12-15
In btu_hcif_process_event of btu_hcif.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-167759047
Sources: nvd
CVE-2021-0969 | MEDIUM | CVSS 6.5 | CWE-755 | v10.0, v11.0, +1 more | 2021-12-15
In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null check. This could lead to remote denial of service if a proximal Wi-Fi AP provides invalid information with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11; Android ID: A-19
Sources: nvd, android
CVE-2021-1014 | MEDIUM | CVSS 5.5 | CWE-203 | v12.0, vAndroid-12 | 2021-12-15
In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: A
Sources: nvd
CVE-2021-0958 | MEDIUM | CVSS 4.4 | v11.0, v12.0, +1 more | 2021-12-15
In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11 Android-12; Android ID: A-200041882
Sources: nvd, android
CVE-2021-1038 | MEDIUM | CVSS 5.5 | CWE-1021 | v9.0, v10.0, +3 more | 2021-12-15
In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-9; Android ID: A-183411279
Sources: nvd
CVE-2021-0653 | MEDIUM | CVSS 5.5 | CWE-862 | v9.0, v10.0, +2 more | 2021-12-15
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android
Sources: nvd, android
CVE-2021-0650 | MEDIUM | CVSS 6.5 | CWE-125 | v9.0, v10.0, +2 more | 2021-12-15
In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-9; Android ID: A-190286685
Sources: nvd, android