Google Android vulnerabilities

CVE-2018-9345 [MEDIUM] CWE-908 CVE-2018-9345: In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information discl In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9412 [MEDIUM] CWE-400 CVE-2018-9412: In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2018-9421 [MEDIUM] CWE-908 CVE-2018-9421: In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9410 [MEDIUM] CWE-125 CVE-2018-9410: In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds chec In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9440 [MEDIUM] CVE-2018-9440: In parse of M3UParser.cpp there is a possible resource exhaustion due to improper input validation. In parse of M3UParser.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2018-9346 [MEDIUM] CWE-908 CVE-2018-9346: In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information discl In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2018-9340 [MEDIUM] CWE-125 CVE-2018-9340: In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.

CVE-2017-13312 [HIGH] CWE-276 CVE-2017-13312: In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13314 [HIGH] CWE-862 CVE-2017-13314: In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings by In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interac

CVE-2017-13310 [HIGH] CWE-276 CVE-2017-13310: In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13313 [MEDIUM] CWE-835 CVE-2017-13313: In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite l In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2017-13311 [MEDIUM] CWE-276 CVE-2017-13311: In the read() function of ProcessStats.java, there is a possible read/write serialization issue lead In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13309 [MEDIUM] CVE-2017-13309: In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly u In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2017-13227 [MEDIUM] CVE-2017-13227: In the autofill service, the package name that is provided by the app process is trusted inappropria In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43091 [CRITICAL] CWE-190 CVE-2024-43091: In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer o In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-34719 [HIGH] CWE-476 CVE-2024-34719: In multiple locations, there is a possible permissions bypass due to a missing null check. This coul In multiple locations, there is a possible permissions bypass due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-35659 [HIGH] CVE-2023-35659: In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-40661 [HIGH] CWE-862 CVE-2024-40661: In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to acces In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43089 [HIGH] CWE-862 CVE-2024-43089: In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-35686 [HIGH] CVE-2023-35686: In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper in In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.