Google Android vulnerabilities

CVE-2023-21216 [CRITICAL] CWE-276 CVE-2023-21216: In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution du In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21403 [CRITICAL] CVE-2023-21403: In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaugh In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-35690 [CRITICAL] CVE-2023-35690: In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21228 [CRITICAL] CVE-2023-21228: In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21263 [CRITICAL] CVE-2023-21263: In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught excep In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21217 [CRITICAL] CVE-2023-21217: In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. Th In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21402 [CRITICAL] CVE-2023-21402: In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input vali In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-40078 [CRITICAL] CWE-787 CVE-2023-40078: In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-40082 [CRITICAL] CVE-2023-40082: In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to impro In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21401 [CRITICAL] CVE-2023-21401: In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an in In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21166 [CRITICAL] CVE-2023-21166: In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-45776 [HIGH] CWE-787 CVE-2023-45776: In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-45773 [HIGH] CWE-787 CVE-2023-45773: In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bo In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-40089 [HIGH] CWE-862 CVE-2023-40089: In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for use In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-42745 [HIGH] CWE-862 CVE-2023-42745: In telecom service, there is a possible missing permission check. This could lead to local escalatio In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-32851 [HIGH] CWE-787 CVE-2023-32851: In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead t In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652.

CVE-2023-42740 [HIGH] CWE-862 CVE-2023-42740: In telecom service, there is a possible way to write permission usage records of an app due to a mis In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-42689 [HIGH] CWE-862 CVE-2023-42689: In wifi service, there is a possible missing permission check. This could lead to local escalation o In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-40094 [HIGH] CWE-862 CVE-2023-40094: In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-42736 [HIGH] CWE-862 CVE-2023-42736: In telecom service, there is a possible missing permission check. This could lead to local escalatio In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed