Google Android vulnerabilities

CVE-2024-29740 [HIGH] CWE-787 CVE-2024-29740: In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. Th In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29753 [HIGH] CWE-787 CVE-2024-29753: In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing boun In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29752 [HIGH] CWE-787 CVE-2024-29752: In tmu_set_tr_num_thresholds of tmu.c, there is a possible out of bounds write due to a missing boun In tmu_set_tr_num_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-27232 [MEDIUM] CWE-476 CVE-2024-27232: In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read due to a missing null check. Th In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29747 [MEDIUM] CWE-125 CVE-2024-29747: In _dvfs_get_lv of dvfs.c, there is a possible out of bounds read due to a missing null check. This In _dvfs_get_lv of dvfs.c, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29744 [MEDIUM] CWE-125 CVE-2024-29744: In tmu_get_gov_time_windows, there is a possible out of bounds read due to a missing bounds check. T In tmu_get_gov_time_windows, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29750 [MEDIUM] CWE-125 CVE-2024-29750: In km_exp_did_inner of kmv.c, there is a possible out of bounds read due to a missing bounds check. In km_exp_did_inner of kmv.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29745 [MEDIUM] CWE-908 CVE-2024-29745: there is a possible Information Disclosure due to uninitialized data. This could lead to local infor there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29782 [MEDIUM] CWE-125 CVE-2024-29782: In tmu_get_tr_num_thresholds of tmu.c, there is a possible out of bounds read due to a missing bound In tmu_get_tr_num_thresholds of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29754 [MEDIUM] CWE-125 CVE-2024-29754: In TMU_IPC_GET_TABLE, there is a possible out of bounds read due to a missing bounds check. This cou In TMU_IPC_GET_TABLE, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29751 [MEDIUM] CWE-476 CVE-2024-29751: In asn1_ec_pkey_parse_p384 of asn1_common.c, there is a possible OOB Read due to a missing null chec In asn1_ec_pkey_parse_p384 of asn1_common.c, there is a possible OOB Read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29783 [MEDIUM] CWE-125 CVE-2024-29783: In tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This In tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29738 [MEDIUM] CWE-125 CVE-2024-29738: In gov_init, there is a possible out of bounds read due to a missing bounds check. This could lead t In gov_init, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29755 [MEDIUM] CWE-125 CVE-2024-29755: In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. Thi In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29739 [MEDIUM] CWE-125 CVE-2024-29739: In tmu_get_temp_lut of tmu.c, there is a possible out of bounds read due to a missing bounds check. In tmu_get_temp_lut of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-27231 [MEDIUM] CWE-125 CVE-2024-27231: In tmu_get_tr_stats of tmu.c, there is a possible out of bounds read due to a missing bounds check. In tmu_get_tr_stats of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-29742 [MEDIUM] CWE-125 CVE-2024-29742: In apply_minlock_constraint of dvfs.c, there is a possible out of bounds read due to a missing bound In apply_minlock_constraint of dvfs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-28582 [CRITICAL] CVE-2023-28582: Closed-source component Android Security Bulletin 2024-04-01 CVE: CVE-2023-28582 Severity: CRITICAL Component: Closed-source component References: A-299147008 *

CVE-2023-33101 [HIGH] CVE-2023-33101: Closed-source component Android Security Bulletin 2024-04-01 CVE: CVE-2023-33101 Severity: HIGH Component: Closed-source component References: A-303101066 *

CVE-2023-33023 [HIGH] CVE-2023-33023: Closed-source component Android Security Bulletin 2024-04-01 CVE: CVE-2023-33023 Severity: HIGH Component: Closed-source component References: A-303101376 *