Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Android
(Google)Repositories | https://github.com/torvalds/linux |
#Vulnerabilities | 6835 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-08-14 | CVE-2023-21267 | In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | Android | 5.5 | ||
2024-04-05 | CVE-2024-29745 | there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | Android | 5.5 | ||
2024-04-05 | CVE-2024-29748 | there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | Android | 7.8 | ||
2011-05-16 | CVE-2011-0419 | Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. | Http_server, Portable_runtime, Mac_os_x, Debian_linux, Freebsd, Android, Netbsd, Openbsd, Solaris, Linux_enterprise_server | N/A | ||
2016-08-06 | CVE-2016-3841 | The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. | Android, Linux_kernel | 7.3 | ||
2023-12-08 | CVE-2023-48397 | In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | Android | 4.9 | ||
2023-12-08 | CVE-2023-48398 | In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | Android | 7.5 | ||
2023-12-08 | CVE-2023-48399 | In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | Android | 5.5 | ||
2023-12-08 | CVE-2023-48401 | In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | Android | 5.5 | ||
2023-12-08 | CVE-2023-48402 | In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | Android | 7.8 |