Google Android vulnerabilities

CVE-2024-20106 [MEDIUM] CWE-843 CVE-2024-20106: In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08960505; Issue ID: MSV-1590.

CVE-2024-20107 [MEDIUM] CWE-125 CVE-2024-20107: In da, there is a possible out of bounds read due to a missing bounds check. This could lead to loca In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09124360; Issue ID: MSV-1823.

CVE-2024-20118 [MEDIUM] CWE-123 CVE-2024-20118: In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621.

CVE-2024-20121 [MEDIUM] CWE-787 CVE-2024-20121: In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lea In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.

CVE-2024-20110 [MEDIUM] CWE-787 CVE-2024-20110: In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065887; Issue ID: MSV-1762.

CVE-2024-20119 [MEDIUM] CWE-123 CVE-2024-20119: In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062301; Issue ID: MSV-1620.

CVE-2024-20117 [MEDIUM] CWE-125 CVE-2024-20117: In vdec, there is a possible out of bounds read due to improper structure design. This could lead to In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1681.

CVE-2024-20122 [MEDIUM] CWE-125 CVE-2024-20122: In vdec, there is a possible out of bounds read due to improper structure design. This could lead to In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1572.

CVE-2024-20112 [MEDIUM] CWE-125 CVE-2024-20112: In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to loc In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09071481; Issue ID: MSV-1730.

CVE-2024-20108 [MEDIUM] CWE-787 CVE-2024-20108: In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to l In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.

CVE-2024-20124 [MEDIUM] CWE-125 CVE-2024-20124: In vdec, there is a possible out of bounds read due to improper structure design. This could lead to In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1568.

CVE-2024-20120 [MEDIUM] CWE-787 CVE-2024-20120: In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lea In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575.

CVE-2024-20123 [MEDIUM] CWE-125 CVE-2024-20123: In vdec, there is a possible out of bounds read due to improper structure design. This could lead to In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1569.

CVE-2024-20113 [MEDIUM] CWE-787 CVE-2024-20113: In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036814; Issue ID: MSV-1715.

CVE-2024-20114 [MEDIUM] CWE-787 CVE-2024-20114: In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09037038; Issue ID: MSV-1714.

CVE-2024-20111 [MEDIUM] CWE-787 CVE-2024-20111: In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065033; Issue ID: MSV-1754.

CVE-2024-38408 [HIGH] CVE-2024-38408: Closed-source component Android Security Bulletin 2024-11-01 CVE: CVE-2024-38408 Severity: CRITICAL Component: Closed-source component References: A-357615875 *

CVE-2024-38405 [HIGH] CVE-2024-38405: WLAN Android Security Bulletin 2024-11-01 CVE: CVE-2024-38405 Severity: HIGH Component: WLAN References: A-357615761 QC-CR#3754687

CVE-2024-38423 [HIGH] CVE-2024-38423: Display Android Security Bulletin 2024-11-01 CVE: CVE-2024-38423 Severity: HIGH Component: Display References: A-357615775 QC-CR#3799033

CVE-2024-38422 [HIGH] CVE-2024-38422: Audio Android Security Bulletin 2024-11-01 CVE: CVE-2024-38422 Severity: HIGH Component: Audio References: A-357616000 QC-CR#3794268 [2] [3]