Google Android vulnerabilities

CVE-2023-42704 [MEDIUM] CWE-862 CVE-2023-42704: In imsservice, there is a possible way to write permission usage records of an app due to a missing In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-40098 [MEDIUM] CVE-2023-40098: In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-42684 [MEDIUM] CWE-125 CVE-2023-42684: In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-42724 [MEDIUM] CWE-125 CVE-2023-42724: In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-32862 [MEDIUM] CWE-125 CVE-2023-32862: In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762.

CVE-2023-42677 [MEDIUM] CWE-862 CVE-2023-42677: In imsservice, there is a possible way to write permission usage records of an app due to a missing In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32866 [MEDIUM] CWE-787 CVE-2023-32866: In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to l In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152.

CVE-2023-45781 [MEDIUM] CWE-125 CVE-2023-45781: In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-42715 [MEDIUM] CWE-668 CVE-2023-42715: In telephony service, there is a possible missing permission check. This could lead to local informa In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32859 [MEDIUM] CWE-120 CVE-2023-32859: In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.

CVE-2023-42722 [MEDIUM] CWE-416 CVE-2023-42722: In camera service, there is a possible use after free due to a logic error. This could lead to local In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed

CVE-2023-42744 [MEDIUM] CWE-862 CVE-2023-42744: In telecom service, there is a possible missing permission check. This could lead to local denial of In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed

CVE-2022-48463 [MEDIUM] CWE-787 CVE-2022-48463: In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE-2023-42733 [MEDIUM] CWE-862 CVE-2023-42733: In telephony service, there is a possible missing permission check. This could lead to local informa In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42735 [MEDIUM] CWE-862 CVE-2023-42735: In telephony service, there is a possible missing permission check. This could lead to local informa In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

CVE-2023-42680 [MEDIUM] CWE-125 CVE-2023-42680: In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-42711 [MEDIUM] CWE-862 CVE-2023-42711: In firewall service, there is a possible way to write permission usage records of an app due to a mi In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32861 [MEDIUM] CWE-125 CVE-2023-32861: In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08059081; Issue ID: ALPS08059081.

CVE-2023-42702 [MEDIUM] CWE-862 CVE-2023-42702: In firewall service, there is a possible way to write permission usage records of an app due to a mi In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42719 [MEDIUM] CWE-125 CVE-2023-42719: In video service, there is a possible out of bounds read due to a incorrect bounds check. This could In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed