Platform System Nfc vulnerabilities

CVE-2024-34731 CVE-2024-34731: In multiple functions of TranscodingResourcePolicy In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21241 CVE-2023-21241: In rw_i93_send_to_upper of rw_i93 In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21085 CVE-2023-21085: In nci_snd_set_routing_cmd of nci_hmsgs In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20516 CVE-2022-20516: In rw_t3t_act_handle_check_ndef_rsp of rw_t3t In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20198 CVE-2022-20198: In llcp_dlc_proc_connect_pdu of llcp_dlc In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20127 CVE-2022-20127: In ce_t4t_data_cback of ce_t4t In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20131 CVE-2022-20131: In nci_proc_rf_management_ntf of nci_hrcv In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20147 CVE-2022-20147: In nfa_dm_check_set_config of nfa_dm_main In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2021-39675 CVE-2021-39675: In GKI_getbuf of gki_buffer In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2021-0925 CVE-2021-0925: In rw_t4t_sm_detect_ndef of rw_t4t In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2021-0870 CVE-2021-0870: In RW_SetActivatedTagType of rw_main In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2021-0548 CVE-2021-0548: In rw_i93_send_to_lower of rw_i93 In rw_i93_send_to_lower of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2021-0473 CVE-2021-0473: In rw_t3t_process_error of rw_t3t In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2021-0430 CVE-2021-0430: In rw_mfc_handle_read_op of rw_mfc In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2020-0450 CVE-2020-0450: In rw_i93_sm_format of rw_i93 In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.