Google Android 13.0 -

In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.

Published: 2025-04-07T03:14:52.452Z
Updated: 2025-04-07T18:22:01.666Z

In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-08-15T21:56:33.151Z
Updated: 2024-08-16T14:07:11.752Z

In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2024-08-15T21:56:32.805Z
Updated: 2025-09-11T14:11:12.107Z

In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-08-15T21:56:32.460Z
Updated: 2025-03-26T21:10:58.257Z

In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.java, there is a possible way to generate unmovable and undeletable pip windows due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-08-15T21:56:32.112Z
Updated: 2025-03-25T15:54:24.798Z

In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-08-15T21:56:31.399Z
Updated: 2024-10-24T19:44:21.863Z

In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-08-15T21:56:31.049Z
Updated: 2024-08-16T14:30:36.797Z

In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-07-09T20:11:28.095Z
Updated: 2025-01-21T23:04:42.418Z

In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app zygote processes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-07-09T20:11:27.923Z
Updated: 2024-08-02T02:59:22.237Z

In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-07-09T20:11:27.850Z
Updated: 2024-08-02T01:52:56.221Z

In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-07-09T20:09:15.933Z
Updated: 2024-08-02T01:52:56.288Z

In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-04-05T20:02:16.139Z
Updated: 2024-08-27T14:53:44.018Z

In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:41.315Z
Updated: 2024-08-27T14:33:14.940Z

In tmu_config_gov_params of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:40.086Z
Updated: 2024-08-27T14:34:46.795Z

In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:39.790Z
Updated: 2025-04-16T15:43:56.105Z

In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:38.748Z
Updated: 2024-08-02T00:27:59.907Z

In policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:38.288Z
Updated: 2025-04-16T15:44:30.886Z

there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:37.992Z
Updated: 2024-08-27T14:36:13.045Z

there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:37.551Z
Updated: 2024-08-26T16:02:27.393Z

In tmu_set_gov_active of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:37.406Z
Updated: 2024-08-02T00:27:59.739Z

In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:36.797Z
Updated: 2025-04-16T15:44:51.983Z

In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:36.494Z
Updated: 2024-08-27T14:51:42.532Z

In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:36.033Z
Updated: 2024-08-26T16:03:38.604Z

In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-05-07T21:01:29.338Z
Updated: 2024-08-01T23:13:07.259Z

In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2024-05-07T21:03:31.178Z
Updated: 2024-10-25T19:10:30.195Z

there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T18:55:34.794Z
Updated: 2024-08-27T14:50:49.938Z

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.

Published: 2024-11-04T01:49:36.169Z
Updated: 2024-11-04T10:18:08.164Z

In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08960505; Issue ID: MSV-1590.

Published: 2024-11-04T01:48:40.379Z
Updated: 2024-11-04T10:56:14.353Z

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

Published: 2024-09-02T02:07:37.971Z
Updated: 2024-09-03T14:14:40.888Z

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477406; Issue ID: MSV-1010.

Published: 2024-03-04T02:43:45.099Z
Updated: 2024-08-15T16:53:53.983Z

In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.

Published: 2024-03-04T02:43:32.414Z
Updated: 2024-08-25T15:17:44.836Z

In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504.

Published: 2024-03-04T02:43:24.572Z
Updated: 2025-03-28T19:10:14.806Z

In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T16:35:22.131Z
Updated: 2024-08-28T18:37:39.524Z

In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T16:35:21.876Z
Updated: 2024-08-27T17:29:04.372Z

In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-03-11T16:35:21.760Z
Updated: 2025-01-28T19:13:40.074Z

In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-16T00:08:18.790Z
Updated: 2024-08-01T17:41:15.511Z

In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-16T00:08:16.586Z
Updated: 2024-08-16T17:45:24.531Z

In multiple locations, there is a possible way to request access to directories that should be hidden due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

Published: 2024-02-16T00:08:16.134Z
Updated: 2025-08-26T22:48:29.486Z

In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-16T00:08:15.792Z
Updated: 2024-08-01T17:41:14.691Z

In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2024-05-07T21:03:30.602Z
Updated: 2024-08-01T17:41:14.667Z

In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-16T19:33:31.399Z
Updated: 2024-08-15T18:11:46.532Z

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-16T18:33:36.716Z
Updated: 2025-03-14T18:09:57.683Z

In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-16T00:08:14.746Z
Updated: 2025-03-28T19:36:56.442Z

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed

Published: 2024-04-08T02:21:14.949Z
Updated: 2025-03-13T17:53:54.605Z

In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-11-01T09:08:15.420Z
Updated: 2024-09-05T19:41:37.346Z

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:23.175Z
Updated: 2024-08-02T19:30:24.493Z

In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:22.624Z
Updated: 2024-08-02T19:30:24.287Z

In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:22.364Z
Updated: 2024-10-11T18:08:40.433Z

In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:22.106Z
Updated: 2024-08-02T19:30:23.964Z

In telocom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:21.821Z
Updated: 2024-08-28T19:48:32.562Z

In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:21.553Z
Updated: 2024-08-02T19:30:24.327Z

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:21.292Z
Updated: 2025-05-29T14:03:15.477Z

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

Published: 2023-12-04T00:54:21.022Z
Updated: 2024-08-02T19:30:24.428Z

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:20.749Z
Updated: 2024-08-02T19:30:23.904Z

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:20.484Z
Updated: 2024-08-02T19:30:24.118Z

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:20.216Z
Updated: 2024-08-02T19:30:24.118Z

In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

Published: 2023-12-04T00:54:18.093Z
Updated: 2024-08-28T19:50:43.047Z

In gpu driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-12-04T00:54:17.831Z
Updated: 2024-08-02T19:30:23.899Z

In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:15.249Z
Updated: 2024-08-28T19:52:02.358Z

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:09.338Z
Updated: 2024-08-02T19:23:40.333Z

In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:07.995Z
Updated: 2024-08-02T19:23:40.353Z

In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-12-04T00:54:06.081Z
Updated: 2024-08-02T19:23:40.153Z

In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-12-04T00:54:05.807Z
Updated: 2024-08-02T19:23:40.247Z

In gsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-12-04T00:54:05.534Z
Updated: 2024-08-28T19:54:22.025Z

In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: 2023-12-04T00:54:05.270Z
Updated: 2025-05-29T14:12:51.036Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:04.436Z
Updated: 2024-08-02T19:23:40.145Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:04.171Z
Updated: 2024-08-02T19:23:40.144Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:03.905Z
Updated: 2024-10-11T17:55:11.008Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:03.627Z
Updated: 2024-12-02T17:47:00.515Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:03.364Z
Updated: 2024-08-02T19:23:40.136Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:03.095Z
Updated: 2024-08-02T19:23:40.177Z

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-12-04T00:54:02.367Z
Updated: 2024-08-02T19:23:40.086Z

In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:17.997Z
Updated: 2024-09-05T18:12:04.254Z

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:14.758Z
Updated: 2024-09-05T19:45:39.264Z

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:14.474Z
Updated: 2024-09-05T19:47:10.777Z

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:14.192Z
Updated: 2024-09-05T19:48:23.290Z

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:13.915Z
Updated: 2024-09-05T19:49:16.495Z

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:13.634Z
Updated: 2024-09-05T19:49:38.151Z

In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:13.347Z
Updated: 2024-09-05T19:50:21.563Z

In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:13.045Z
Updated: 2024-09-05T19:51:35.102Z

In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:12.438Z
Updated: 2024-09-05T19:52:02.654Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:12.158Z
Updated: 2024-09-05T19:52:30.888Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:11.877Z
Updated: 2024-09-05T19:53:07.374Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:11.592Z
Updated: 2024-09-05T19:54:34.422Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:11.311Z
Updated: 2024-09-06T16:40:41.225Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:10.991Z
Updated: 2024-09-06T16:45:56.075Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:10.701Z
Updated: 2024-09-06T19:05:49.444Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:10.406Z
Updated: 2024-09-06T19:08:16.311Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:10.122Z
Updated: 2024-09-06T19:07:16.456Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:09.835Z
Updated: 2024-09-06T18:01:06.264Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:09.558Z
Updated: 2024-09-06T18:01:45.880Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:09.278Z
Updated: 2024-09-06T18:59:40.544Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:08.975Z
Updated: 2024-09-06T19:09:17.454Z

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: 2023-11-01T09:08:08.684Z
Updated: 2024-09-05T19:55:05.161Z

In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-15T22:31:16.207Z
Updated: 2024-08-02T18:24:55.624Z

In multiple functions of MtpFfsHandle.cpp , there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2024-02-15T22:31:15.925Z
Updated: 2024-08-15T18:10:22.035Z

In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2024-02-15T22:31:15.450Z
Updated: 2025-03-19T16:00:18.169Z

In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-15T22:31:14.778Z
Updated: 2024-08-02T18:24:55.545Z

In discovery_thread of Dns64Configuration.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2024-02-15T22:31:14.672Z
Updated: 2024-08-28T18:56:23.409Z

In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-12-04T22:40:52.675Z
Updated: 2024-08-02T18:24:55.553Z

In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-12-04T22:40:50.938Z
Updated: 2024-08-02T18:24:54.721Z

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:09:29.953Z
Updated: 2024-10-09T14:22:00.504Z

In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed

Published: 2023-09-04T01:16:12.851Z
Updated: 2024-10-01T13:04:12.062Z

In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764.

Published: 2023-12-04T03:45:50.631Z
Updated: 2024-08-02T15:32:45.837Z

In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971.

Published: 2023-12-04T03:45:49.173Z
Updated: 2024-08-02T15:32:45.682Z

In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161758; Issue ID: ALPS08161758.

Published: 2023-12-04T03:45:47.755Z
Updated: 2024-08-02T15:32:46.583Z

In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896; Issue ID: ALPS08163896.

Published: 2023-12-04T03:45:43.472Z
Updated: 2024-10-17T15:23:31.888Z

In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940.

Published: 2023-12-04T03:45:41.985Z
Updated: 2024-08-02T15:32:45.099Z

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.

Published: 2023-09-06T03:12:16.839Z
Updated: 2024-09-26T15:52:23.943Z

In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:08:38.615Z
Updated: 2024-10-09T14:33:32.167Z

In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:07:55.891Z
Updated: 2024-10-09T14:34:21.752Z

In multiple locations, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:07:27.693Z
Updated: 2024-10-09T14:35:14.526Z

In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:07:10.453Z
Updated: 2024-10-09T14:36:22.457Z

In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:06:51.823Z
Updated: 2024-10-09T14:39:52.582Z

In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:06:38.355Z
Updated: 2024-10-09T14:42:17.999Z

In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:06:23.871Z
Updated: 2024-10-09T14:43:10.844Z

In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:06:09.845Z
Updated: 2024-10-09T14:44:30.690Z

In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2023-08-14T21:05:55.410Z
Updated: 2024-10-09T14:45:55.818Z

In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Published: 2023-08-14T21:05:23.902Z
Updated: 2025-11-04T21:08:20.707Z

In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:05:06.431Z
Updated: 2024-10-09T14:49:58.512Z

In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:04:48.201Z
Updated: 2024-10-09T14:51:09.796Z

In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:04:31.594Z
Updated: 2024-10-09T14:54:26.829Z

In multiple locations, there is a possible way to obscure the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:03:27.874Z
Updated: 2024-10-09T14:55:10.669Z

In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:03:04.607Z
Updated: 2024-10-09T14:56:42.802Z

In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:02:38.148Z
Updated: 2024-10-09T14:58:03.031Z

In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:01:55.530Z
Updated: 2024-10-09T14:59:48.795Z

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:01:43.205Z
Updated: 2024-10-09T15:02:59.444Z

In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:01:24.805Z
Updated: 2024-10-09T15:07:41.403Z

In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:00:47.078Z
Updated: 2024-10-09T15:20:34.383Z

In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:00:08.724Z
Updated: 2024-10-09T15:25:42.936Z

In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:59:52.485Z
Updated: 2024-10-09T18:58:49.964Z

In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:59:41.378Z
Updated: 2024-08-02T09:28:26.209Z

In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:59:28.509Z
Updated: 2024-10-09T19:08:41.995Z

In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:58:52.284Z
Updated: 2024-10-09T14:26:12.319Z

In onCreate of LockSettingsActivity.java, there is a possible way set a new lockscreen PIN without entering the existing PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:09:50.973Z
Updated: 2024-10-09T14:20:00.254Z

In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:10:03.606Z
Updated: 2024-10-09T14:19:17.765Z

In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:10:31.494Z
Updated: 2024-10-09T14:12:19.947Z

In getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:10:42.420Z
Updated: 2024-10-09T14:11:46.447Z

In onAccessPointChanged of AccessPointPreference.java, there is a possible way for unprivileged apps to receive a broadcast about WiFi access point change and its BSSID or SSID due to a precondition check failure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:10:56.039Z
Updated: 2024-10-09T14:11:15.437Z

In registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T21:11:13.328Z
Updated: 2024-10-09T14:10:40.032Z

In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:58:27.348Z
Updated: 2024-10-09T19:10:39.337Z

In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:58:11.888Z
Updated: 2024-10-09T19:11:41.385Z

In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:57:57.389Z
Updated: 2024-10-09T19:12:21.313Z

In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:57:31.732Z
Updated: 2024-10-09T19:13:01.708Z

In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2023-08-14T20:48:48.811Z
Updated: 2024-10-09T19:13:54.759Z

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-11-01T09:08:17.719Z
Updated: 2024-09-05T18:12:25.721Z

In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-11-01T09:08:16.300Z
Updated: 2024-09-12T18:03:38.230Z

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

Published: 2023-11-01T09:08:16.008Z
Updated: 2024-09-05T19:40:04.996Z

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

Published: 2023-11-01T09:08:15.718Z
Updated: 2024-09-05T19:40:49.048Z

In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-09-04T01:16:12.579Z
Updated: 2024-09-30T18:52:35.038Z

In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed

Published: 2023-09-04T01:16:12.309Z
Updated: 2024-09-30T18:54:00.901Z

In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: 2023-09-04T01:16:11.753Z
Updated: 2024-09-30T18:55:36.202Z

In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518.

Published: 2023-01-03T00:00:00.000Z
Updated: 2025-04-10T18:16:30.554Z

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237.

Published: 2023-01-03T00:00:00.000Z
Updated: 2025-04-10T18:29:07.819Z