Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs: 9,646
CISA KEV: 48 (actively exploited)
Public exploits: 89
Exploited in wild: 44
Severity breakdown: CRITICAL 883, HIGH 5184, MEDIUM 3317, LOW 260, UNKNOWN 2
Vulnerabilities
CVE-2021-1001 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-125
In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-190435883
Source: nvd
CVE-2021-1005 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-203
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi
Source: nvd
CVE-2021-0966 | MEDIUM | CVSS 5.5 | v11.0, v12.0, +1 more | 2021-12-15
CWE-909
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution privileges needed. User interaction is not needed for exploita
Sources: nvd, android
CVE-2021-1025 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-862
In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: A
Source: nvd
CVE-2021-0931 | MEDIUM | CVSS 5.5 | v9.0, v10.0, +3 more | 2021-12-15
In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-180747689
Sources: nvd, android
CVE-2021-0704 | MEDIUM | CVSS 5.5 | v9.0, v10.0, +2 more | 2021-12-15
CWE-281
In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. P
Sources: nvd, android
CVE-2021-0973 | MEDIUM | CVSS 5.0 | v12.0, vAndroid-12 | 2021-12-15
CWE-178
In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-197328178
Source: nvd
CVE-2021-0986 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-862
In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information disclosure about the device owner, profile owner, or device admin due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versi
Source: nvd
CVE-2021-0997 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-532
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java, there is a possible APN disclosure due to log information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-191086488
Source: nvd
CVE-2021-0998 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-125
In 'ih264e_find_bskip_params()' of ih264e_me.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-193442575
Source: nvd
CVE-2021-0952 | MEDIUM | CVSS 5.0 | v9.0, v10.0, +3 more | 2021-12-15
In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-195748381
Sources: nvd, android
CVE-2021-1011 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-862
In setPackageStoppedState of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-188219307
Source: nvd
CVE-2021-0996 | MEDIUM | CVSS 4.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-125
In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-181346545
Source: nvd
CVE-2021-0979 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-276
In isRequestPinItemSupported of ShortcutService.java, there is a possible cross-user leak of packages in which the default launcher supports requests to create pinned shortcuts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Pro
Source: nvd
CVE-2021-1023 | MEDIUM | CVSS 5.0 | v12.0, vAndroid-12 | 2021-12-15
CWE-200
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versio
Source: nvd
CVE-2021-1026 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-203
In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Androi
Source: nvd
CVE-2021-0919 | MEDIUM | CVSS 5.0 | v9.0, v10.0, +2 more | 2021-12-15
CWE-190
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-9. Android ID: A-197336441
Sources: nvd, android
CVE-2021-1013 | MEDIUM | CVSS 5.5 | v12.0, vAndroid-12 | 2021-12-15
CWE-203
In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is n
Source: nvd
CVE-2021-1008 | MEDIUM | CVSS 4.4 | v12.0, vAndroid-12 | 2021-12-15
In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-197327688
Source: nvd
CVE-2021-1024 | MEDIUM | CVSS 6.7 | v12.0, vAndroid-12 | 2021-12-15
In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-191283525
Source: nvd