Google Android vulnerabilities

CVE-2023-42713 [MEDIUM] CWE-862 CVE-2023-42713: In firewall service, there is a possible way to write permission usage records of an app due to a mi In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-35668 [MEDIUM] CVE-2023-35668: In visitUris of Notification.java, there is a possible way to display images from another user due t In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-32870 [MEDIUM] CWE-125 CVE-2023-32870: In display drm, there is a possible out of bounds read due to a missing bounds check. This could lea In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740.

CVE-2023-42726 [MEDIUM] CWE-125 CVE-2023-42726: In TeleService, there is a possible out of bounds read due to a missing bounds check. This could lea In TeleService, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-32849 [MEDIUM] CWE-787 CVE-2023-32849: In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local esc In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161758; Issue ID: ALPS08161758.

CVE-2023-42700 [MEDIUM] CWE-862 CVE-2023-42700: In firewall service, there is a possible way to write permission usage records of an app due to a mi In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32863 [MEDIUM] CWE-125 CVE-2023-32863: In display drm, there is a possible out of bounds read due to a missing bounds check. This could lea In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326314; Issue ID: ALPS07326314.

CVE-2023-42698 [MEDIUM] CWE-862 CVE-2023-42698: In omacp service, there is a possible way to write permission usage records of an app due to a missi In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32856 [MEDIUM] CWE-125 CVE-2023-32856: In display, there is a possible out of bounds read due to an incorrect status check. This could lead In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993705.

CVE-2023-40083 [MEDIUM] CWE-125 CVE-2023-40083: In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-42674 [MEDIUM] CWE-862 CVE-2023-42674: In imsservice, there is a possible way to write permission usage records of an app due to a missing In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32860 [MEDIUM] CWE-120 CVE-2023-32860: In display, there is a possible classic buffer overflow due to a missing bounds check. This could le In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788.

CVE-2023-42728 [MEDIUM] CWE-125 CVE-2023-42728: In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This coul In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE-2023-42718 [MEDIUM] CWE-668 CVE-2023-42718: In dialer, there is a possible way to write permission usage records of an app due to a missing perm In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-32868 [MEDIUM] CWE-787 CVE-2023-32868: In display drm, there is a possible out of bounds write due to a missing bounds check. This could le In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632.

CVE-2023-42729 [MEDIUM] CWE-787 CVE-2023-42729: In ril service, there is a possible out of bounds write due to a missing bounds check. This could le In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2023-32864 [MEDIUM] CWE-787 CVE-2023-32864: In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292187; Issue ID: ALPS07292187.

CVE-2023-42730 [MEDIUM] CWE-862 CVE-2023-42730: In IMS service, there is a possible way to write permission usage records of an app due to a missing In IMS service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42697 [MEDIUM] CWE-862 CVE-2023-42697: In omacp service, there is a possible way to write permission usage records of an app due to a missi In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42727 [MEDIUM] CWE-787 CVE-2023-42727: In gpu driver, there is a possible out of bounds write due to a incorrect bounds check. This could l In gpu driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed