Platform System Core vulnerabilities

9 known vulnerabilities affecting platform/system_core.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN9

Vulnerabilities

Page 1 of 1
CVE-2024-49729UNKNOWN≥ 15-next:0, < 15-next:2025-02-01≥ 12:0, < 12:2025-02-01+4 more2025-02-01
CVE-2024-49729 CVE-2024-49729: In GetTable of dm In GetTable of dm.cpp, there is a possible way to leak the raw FDE key in bug reports due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-0033UNKNOWN≥ 14-next:0, < 14-next:2024-02-01≥ 11:0, < 11:2024-02-01+4 more2024-02-01
CVE-2024-0033 CVE-2024-0033: In multiple functions of ashmem-dev In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2022-20128UNKNOWN≥ 10:0, < 10:2022-06-01≥ 11:0, < 11:2022-06-012022-06-01
CVE-2022-20128 CVE-2022-20128: In finishLsImpl of file_sync_client In finishLsImpl of file_sync_client.cpp, there is a possible way to access host's files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2021-0703UNKNOWN≥ 12-next:0, < 12-next:2021-10-01≥ 11:0, < 11:2021-10-01+1 more2021-10-01
CVE-2021-0703 CVE-2021-0703: In SecondStageMain of init In SecondStageMain of init.cpp, there is a possible use after free due to incorrect shared_ptr usage. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2021-0395UNKNOWN≥ 11:0, < 11:2021-03-012021-03-01
CVE-2021-0395 CVE-2021-0395: In StopServicesAndLogViolations of reboot In StopServicesAndLogViolations of reboot.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2021-0330UNKNOWN≥ 8.0:0, < 8.0:2021-02-01≥ 8.1:0, < 8.1:2021-02-01+3 more2021-02-01
CVE-2021-0330 CVE-2021-0330: In add_user_ce and remove_user_ce of storaged In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0409UNKNOWN≥ 11-next:0, < 11-next:2020-11-01≥ 8.0:0, < 8.0:2020-11-01+3 more2020-11-01
CVE-2020-0409 CVE-2020-0409: In create of FileMap In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0421UNKNOWN≥ 8.0:0, < 8.0:2020-10-01≥ 8.1:0, < 8.1:2020-10-01+3 more2020-10-01
CVE-2020-0421 CVE-2020-0421: In appendFormatV of String8 In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0408UNKNOWN≥ 8.0:0, < 8.0:2020-10-01≥ 8.1:0, < 8.1:2020-10-01+2 more2020-10-01
CVE-2020-0408 CVE-2020-0408: In remove of String16 In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv