Google Android vulnerabilities

CVE-2024-20036 [MEDIUM] CWE-284 CVE-2024-20036: In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08509508; Issue ID: ALPS08509508.

CVE-2024-20024 [MEDIUM] CWE-787 CVE-2024-20024: In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to loc In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541635; Issue ID: ALPS08541635.

CVE-2024-20020 [MEDIUM] CWE-787 CVE-2024-20020: In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504.

CVE-2024-20032 [MEDIUM] CWE-862 CVE-2024-20032: In aee, there is a possible permission bypass due to a missing permission check. This could lead to In aee, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08487630; Issue ID: MSV-1020.

CVE-2024-20037 [MEDIUM] CWE-754 CVE-2024-20037: In pq, there is a possible write-what-where condition due to an incorrect bounds check. This could l In pq, there is a possible write-what-where condition due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495937; Issue ID: ALPS08495937.

CVE-2024-20038 [LOW] CWE-125 CVE-2024-20038: In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to l In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID: ALPS08495932.

CVE-2023-28578 [CRITICAL] CVE-2023-28578: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-28578 Severity: CRITICAL Component: Closed-source component References: A-285902353 *

CVE-2023-43553 [CRITICAL] CVE-2023-43553: WLAN Android Security Bulletin 2024-03-01 CVE: CVE-2023-43553 Severity: HIGH Component: WLAN References: A-314791341 QC-CR#3580821

CVE-2023-43548 [HIGH] CVE-2023-43548: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-43548 Severity: HIGH Component: Closed-source component References: A-314790932 *

CVE-2023-33042 [HIGH] CVE-2023-33042: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-33042 Severity: HIGH Component: Closed-source component References: A-295039320 *

CVE-2023-33066 [HIGH] CVE-2023-33066: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-33066 Severity: HIGH Component: Closed-source component References: A-303101493 *

CVE-2023-43552 [CRITICAL] CVE-2023-43552: WLAN Android Security Bulletin 2024-03-01 CVE: CVE-2023-43552 Severity: HIGH Component: WLAN References: A-314791054 QC-CR#3583521

CVE-2023-33105 [HIGH] CVE-2023-33105: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-33105 Severity: HIGH Component: Closed-source component References: A-314790953 *

CVE-2023-43549 [HIGH] CVE-2023-43549: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-43549 Severity: HIGH Component: Closed-source component References: A-314791266 *

CVE-2023-43539 [HIGH] CVE-2023-43539: Closed-source component Android Security Bulletin 2024-03-01 CVE: CVE-2023-43539 Severity: HIGH Component: Closed-source component References: A-314791241 *

CVE-2023-43550 [HIGH] CVE-2023-43550: Kernel Android Security Bulletin 2024-03-01 CVE: CVE-2023-43550 Severity: HIGH Component: Kernel References: A-314791623 QC-CR#3595842

CVE-2023-6241 [HIGH] CVE-2023-6241: Mali Android Security Bulletin 2024-03-01 CVE: CVE-2023-6241 Severity: HIGH Component: Mali References: A-316206835 *

CVE-2023-43547 [HIGH] CVE-2023-43547: Security Android Security Bulletin 2024-03-01 CVE: CVE-2023-43547 Severity: HIGH Component: Security References: A-314791076 QC-CR#3602462 [2]

CVE-2023-43546 [HIGH] CVE-2023-43546: Security Android Security Bulletin 2024-03-01 CVE: CVE-2023-43546 Severity: HIGH Component: Security References: A-314790498 QC-CR#3602482

CVE-2023-6143 [HIGH] CVE-2023-6143: Mali Android Security Bulletin 2024-03-01 CVE: CVE-2023-6143 Severity: HIGH Component: Mali References: A-316197619 *