Action not permitted
Modal body text goes here.
wid-sec-w-2023-1371
Vulnerability from csaf_certbund
Published
2023-06-05 22:00
Modified
2023-06-05 22:00
Summary
Samsung Android: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszulösen.
Betroffene Betriebssysteme
- Android
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Samsung Android ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen.", "title": "Angriff" }, { "category": "general", "text": "- Android", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1371 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1371.json" }, { "category": "self", "summary": "WID-SEC-2023-1371 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1371" }, { "category": "external", "summary": "Samsung Mobile Security - Security Updates vom 2023-06-05", "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ], "source_lang": "en-US", "title": "Samsung Android: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-05T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:29:54.825+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1371", "initial_release_date": "2023-06-05T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-05T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Samsung Android", "product": { "name": "Samsung Android", "product_id": "T027059", "product_identification_helper": { "cpe": "cpe:/o:samsung:android:-" } } } ], "category": "vendor", "name": "Samsung" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-26085", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-26085" }, { "cve": "CVE-2023-21666", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21666" }, { "cve": "CVE-2023-21665", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21665" }, { "cve": "CVE-2023-21517", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21517" }, { "cve": "CVE-2023-21513", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21513" }, { "cve": "CVE-2023-21512", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21512" }, { "cve": "CVE-2023-21144", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21144" }, { "cve": "CVE-2023-21143", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21143" }, { "cve": "CVE-2023-21142", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21142" }, { "cve": "CVE-2023-21141", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21141" }, { "cve": "CVE-2023-21139", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21139" }, { "cve": "CVE-2023-21138", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21138" }, { "cve": "CVE-2023-21137", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21137" }, { "cve": "CVE-2023-21136", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21136" }, { "cve": "CVE-2023-21135", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21135" }, { "cve": "CVE-2023-21131", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21131" }, { "cve": "CVE-2023-21130", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21130" }, { "cve": "CVE-2023-21129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21129" }, { "cve": "CVE-2023-21128", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21128" }, { "cve": "CVE-2023-21127", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21127" }, { "cve": "CVE-2023-21126", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21126" }, { "cve": "CVE-2023-21124", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21124" }, { "cve": "CVE-2023-21123", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21123" }, { "cve": "CVE-2023-21122", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21122" }, { "cve": "CVE-2023-21121", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21121" }, { "cve": "CVE-2023-21115", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21115" }, { "cve": "CVE-2023-21108", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21108" }, { "cve": "CVE-2023-21106", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21106" }, { "cve": "CVE-2023-21105", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21105" }, { "cve": "CVE-2023-21102", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21102" }, { "cve": "CVE-2023-21095", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-21095" }, { "cve": "CVE-2023-20965", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20965" }, { "cve": "CVE-2023-20726", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20726" }, { "cve": "CVE-2023-20698", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20698" }, { "cve": "CVE-2023-20697", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20697" }, { "cve": "CVE-2023-20696", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20696" }, { "cve": "CVE-2023-20695", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20695" }, { "cve": "CVE-2023-20694", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-20694" }, { "cve": "CVE-2023-0266", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2023-0266" }, { "cve": "CVE-2022-47488", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-47488" }, { "cve": "CVE-2022-47487", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-47487" }, { "cve": "CVE-2022-47486", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-47486" }, { "cve": "CVE-2022-47470", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-47470" }, { "cve": "CVE-2022-47469", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-47469" }, { "cve": "CVE-2022-46891", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-46891" }, { "cve": "CVE-2022-46396", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-46396" }, { "cve": "CVE-2022-46395", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-46395" }, { "cve": "CVE-2022-46394", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-46394" }, { "cve": "CVE-2022-40508", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-40508" }, { "cve": "CVE-2022-40504", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-40504" }, { "cve": "CVE-2022-34144", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-34144" }, { "cve": "CVE-2022-33305", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2022-33305" }, { "cve": "CVE-2021-0877", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Samsung Android und mehreren Google-Komponenten. Die Fehler bestehen unter anderem aufgrund einer unsachgem\u00e4\u00dfen Privilegienverwaltung, einem Heap-Out-of-Bound-Write und einer unsachgem\u00e4\u00dfen Knox-ID-Validierung. Ein entfernter, anonymer, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand auszul\u00f6sen. Die erfolgreiche Ausnutzung der Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "T027059" ] }, "release_date": "2023-06-05T22:00:00Z", "title": "CVE-2021-0877" } ] }
cve-2023-21105
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.516Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568" } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21105", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21131
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265015796
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:26.079Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265015796" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21131", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:26.079Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21130
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273502002
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.672Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273502002" } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21130", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.672Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21129
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-274759612
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.656Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-274759612" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21129", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.656Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46395
Vulnerability from cvelistv5
Published
2023-03-06 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:31:46.339Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/support/arm-security-updates" }, { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://developer.arm.com/support/arm-security-updates" }, { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" }, { "url": "http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-46395", "datePublished": "2023-03-06T00:00:00", "dateReserved": "2022-12-04T00:00:00", "dateUpdated": "2024-08-03T14:31:46.339Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20698
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:14:40.544Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 11.0, 12.0, 13.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2023-20698", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-10-28T00:00:00", "dateUpdated": "2024-08-02T09:14:40.544Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21144
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:26.032Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417" } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21144", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:26.032Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40508
Vulnerability from cvelistv5
Published
2023-05-02 05:08
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
Reachable assertion in Modem
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Qualcomm, Inc. | Snapdragon |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "315_5g_iot_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "aqt1000_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8035_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6200_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6700_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6800_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6900_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_7800_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6391_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6421_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6426_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6431_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6436_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574a_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6595au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6696_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6698aq_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8081_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8337_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn6024_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9024_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd855_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd865_5g_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd888_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx55_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx57m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx57m_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7250p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7315_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_4_gen_1_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_480_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_690_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_695_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_750g_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_780g_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_8_gen_1_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_855_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_865_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_auto_5g_modem-rf_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x50_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x55_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x65_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x70_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x70_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_xr2_5g_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sxr2130_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9341_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9360_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9370_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9375_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9380_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9385_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3988_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6740_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8810_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8815_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8830_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8835_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2022-40508", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T21:09:47.843288Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T21:09:57.841Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:21:45.654Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Industrial IOT", "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX57M" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X70 Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:27:54.437Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "Reachable assertion in Modem" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2022-40508", "datePublished": "2023-05-02T05:08:54.220Z", "dateReserved": "2022-09-12T09:37:28.414Z", "dateUpdated": "2024-08-03T12:21:45.654Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-47487
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:55:08.027Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "Android10/Android11/Android12/Android13" } ] } ], "descriptions": [ { "lang": "en", "value": "In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges." } ], "providerMetadata": { "dateUpdated": "2023-05-09T01:20:33.753Z", "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "shortName": "Unisoc" }, "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ] } }, "cveMetadata": { "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "assignerShortName": "Unisoc", "cveId": "CVE-2022-47487", "datePublished": "2023-05-09T01:20:33.753Z", "dateReserved": "2022-12-15T08:22:03.072Z", "dateUpdated": "2024-08-03T14:55:08.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-47486
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:55:08.169Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "Android10/Android11" } ] } ], "descriptions": [ { "lang": "en", "value": "In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], "providerMetadata": { "dateUpdated": "2023-05-09T01:20:32.680Z", "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "shortName": "Unisoc" }, "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ] } }, "cveMetadata": { "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "assignerShortName": "Unisoc", "cveId": "CVE-2022-47486", "datePublished": "2023-05-09T01:20:32.680Z", "dateReserved": "2022-12-15T08:22:03.072Z", "dateUpdated": "2024-08-03T14:55:08.169Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21512
Vulnerability from cvelistv5
Published
2023-06-28 00:00
Modified
2024-11-07 18:28
Severity ?
EPSS score ?
Summary
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Samsung Mobile | Samsung Mobile Devices |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.254Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=06" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-21512", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T18:28:17.860572Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T18:28:28.976Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Samsung Mobile Devices", "vendor": "Samsung Mobile", "versions": [ { "lessThan": "SMR Jun-2023 Release 1", "status": "affected", "version": "Android 11, 12, 13", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-28T00:00:00", "orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile" }, "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=06" } ], "source": { "discovery": "UNKNOWN" } } }, "cveMetadata": { "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "cveId": "CVE-2023-21512", "datePublished": "2023-06-28T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-11-07T18:28:28.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-26085
Vulnerability from cvelistv5
Published
2023-06-29 00:00
Modified
2024-08-02 11:39
Severity ?
EPSS score ?
Summary
A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:39:06.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ARM-software/android-nn-driver/releases/tag/v23.02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-29T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center" }, { "url": "https://github.com/ARM-software/android-nn-driver/releases/tag/v23.02" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-26085", "datePublished": "2023-06-29T00:00:00", "dateReserved": "2023-02-20T00:00:00", "dateUpdated": "2024-08-02T11:39:06.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21121
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-205460459
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:26.086Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12" } ] } ], "descriptions": [ { "lang": "en", "value": "In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-205460459" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21121", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:26.086Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20696
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:14:40.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "MT6880, MT6890, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 13.0 / OpenWrt 19.07, 21.02" } ] } ], "descriptions": [ { "lang": "en", "value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only)." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2023-20696", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-10-28T00:00:00", "dateUpdated": "2024-08-02T09:14:40.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21128
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-272042183
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:26.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-272042183" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21128", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:26.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20695
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:14:40.398Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "MT6835, MT6880, MT6886, MT6890, MT6980, MT6985, MT6990, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 13.0 / OpenWrt 19.07, 21.02" } ] } ], "descriptions": [ { "lang": "en", "value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only)." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2023-20695", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-10-28T00:00:00", "dateUpdated": "2024-08-02T09:14:40.398Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-0877
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-03 15:47
Severity ?
EPSS score ?
Summary
Product: AndroidVersions: Android SoCAndroid ID: A-273754094
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:47:28.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-05-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android SoC" } ] } ], "descriptions": [ { "lang": "en", "value": "Product: AndroidVersions: Android SoCAndroid ID: A-273754094" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-05-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2021-0877", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2020-11-06T00:00:00", "dateUpdated": "2024-08-03T15:47:28.323Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0266
Vulnerability from cvelistv5
Published
2023-01-30 13:09
Modified
2024-08-02 05:02
Severity ?
EPSS score ?
Summary
Use after free in SNDRV_CTL_IOCTL_ELEM in Linux Kernel
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Linux | Linux Kernel |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:02:44.150Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/becf9e5d553c2389d857a3c178ce80fdb34a02e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/56b88b50565cd8b946a2d00b0c83927b7ebb055e" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "packageName": "ALSA pcm", "product": "Linux Kernel", "repo": "https://git.kernel.org", "vendor": "Linux", "versions": [ { "lessThan": "56b88b50565cd8b946a2d00b0c83927b7ebb055e", "status": "affected", "version": "4.14", "versionType": "git" } ] } ], "datePublic": "2023-01-13T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit\u0026nbsp;56b88b50565cd8b946a2d00b0c83927b7ebb055e\u003c/span\u003e\u003cbr\u003e" } ], "value": "A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.\u00a0SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit\u00a056b88b50565cd8b946a2d00b0c83927b7ebb055e\n" } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.9, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T13:09:32.141Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://github.com/torvalds/linux/commit/becf9e5d553c2389d857a3c178ce80fdb34a02e1" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4" }, { "url": "https://github.com/torvalds/linux/commit/56b88b50565cd8b946a2d00b0c83927b7ebb055e" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Use after free in SNDRV_CTL_IOCTL_ELEM in Linux Kernel", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2023-0266", "datePublished": "2023-01-30T13:09:32.141Z", "dateReserved": "2023-01-13T07:58:13.390Z", "dateUpdated": "2024-08-02T05:02:44.150Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21135
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.892Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21135", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.892Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21141
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.682Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249" } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21141", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.682Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21666
Vulnerability from cvelistv5
Published
2023-05-02 05:08
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Improper Release of Memory Before Removing Last Reference (`Memory Leak`) in Graphics
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Qualcomm, Inc. | Snapdragon |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:02.143Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/172664/Qualcomm-Adreno-KGSL-Data-Leakage.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Voice \u0026 Music", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "9206 LTE Modem" }, { "status": "affected", "version": "APQ8017" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8031" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "C-V2X 9150" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Home Hub 100 Platform" }, { "status": "affected", "version": "MDM9250" }, { "status": "affected", "version": "MDM9628" }, { "status": "affected", "version": "MDM9650" }, { "status": "affected", "version": "MSM8108" }, { "status": "affected", "version": "MSM8209" }, { "status": "affected", "version": "MSM8608" }, { "status": "affected", "version": "MSM8909W" }, { "status": "affected", "version": "QCA6174" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9367" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCA9379" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS8155" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm 215 Mobile Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SD 675" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD675" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SDX20M" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6250P" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 1200 Wearable Platform" }, { "status": "affected", "version": "Snapdragon 208 Processor" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 425 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 439 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 450 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 632 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 665 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 710 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon Wear 2100 Platform" }, { "status": "affected", "version": "Snapdragon Wear 2500 Platform" }, { "status": "affected", "version": "Snapdragon Wear 3100 Platform" }, { "status": "affected", "version": "Snapdragon Wear 4100+ Platform" }, { "status": "affected", "version": "Snapdragon X20 LTE Modem" }, { "status": "affected", "version": "Snapdragon X24 LTE Modem" }, { "status": "affected", "version": "Snapdragon X5 LTE Modem" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9330" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9371" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN3999" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401 Improper Release of Memory Before Removing Last Reference (\u0027Memory Leak\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:28:04.919Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" }, { "url": "http://packetstormsecurity.com/files/172664/Qualcomm-Adreno-KGSL-Data-Leakage.html" } ], "title": "Improper Release of Memory Before Removing Last Reference (`Memory Leak`) in Graphics" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-21666", "datePublished": "2023-05-02T05:08:59.157Z", "dateReserved": "2022-12-07T02:58:25.874Z", "dateUpdated": "2024-08-02T09:44:02.143Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20965
Vulnerability from cvelistv5
Published
2023-08-14 20:48
Modified
2024-10-09 19:13
Severity ?
EPSS score ?
Summary
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:21:33.814Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/88a8a98934215f591605028e200b6eca8f7cc45a" }, { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/bd318b9772759546509f6fdb8648366099dd65ad" }, { "tags": [ "x_transferred" ], "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/0d3cb609b0851ea9e5745cc6101e57c2e5e739f2" }, { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-08-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-20965", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-09T19:06:15.900756Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:13:54.759Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "13" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eIn processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\u003c/p\u003e" } ], "value": "In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-14T20:48:48.811Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/88a8a98934215f591605028e200b6eca8f7cc45a" }, { "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/bd318b9772759546509f6fdb8648366099dd65ad" }, { "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/0d3cb609b0851ea9e5745cc6101e57c2e5e739f2" }, { "url": "https://source.android.com/security/bulletin/2023-08-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-20965", "datePublished": "2023-08-14T20:48:48.811Z", "dateReserved": "2022-11-03T22:37:50.595Z", "dateUpdated": "2024-10-09T19:13:54.759Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21138
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-273260090
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.706Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-273260090" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21138", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.706Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21665
Vulnerability from cvelistv5
Published
2023-05-02 05:08
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Incorrect Type Conversion or Cast in Graphics
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Qualcomm, Inc. | Snapdragon |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "315_5g_iot_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "9206_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8017_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8052_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8052_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8056_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8056_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8064au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "apq8076_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "aqt1000_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8031_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8035_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "c-v2x_9150_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "csra6620_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "csra6640_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "csrb31024_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6200_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6700_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6800_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6900_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "flight_rb5_5g_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:home_hub_100_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "home_hub_100_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "mdm9250_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "mdm9628_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "mdm9650_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8108_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8209_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8608_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "msm8996au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qam8295p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6174_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6174a_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6310_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6320_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6335_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6391_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6420_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6421_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6426_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6430_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6431_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6436_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6564_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6564a_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6564au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574a_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6574au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6584au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6595_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6595au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6696_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6698aq_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8081_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8337_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca9367_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca9377_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca9379_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcm2290_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcm4290_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcm6125_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcm6490_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn6024_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9011_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9012_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9024_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn9074_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs2290_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs410_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs4290_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs610_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs6125_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs6490_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs8155_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs8155_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcs8250_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qrb5165m_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qrb5165n_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qsm8250_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qualcomm_205_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qualcomm_205_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qualcomm_215_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qualcomm_215_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "robotics_rb3_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:robotics_rb5_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "robotics_rb5_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa4150p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa4155p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa6145p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa6150p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa6155_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa6155p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa8145p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa8150p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa8155_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa8155p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa8195p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sa8295p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd_675_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd626_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd660_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd670_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd675_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd730_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd835_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd855_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd865_5g_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sd888_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdm429w_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx20m_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sdx55_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm4125_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm6250_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm6250p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7250p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7315_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sm7325p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:smart_audio_200_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "smart_audio_200_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "smart_audio_400_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_1200_wearable_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_208_processor_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_208_processor_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_210_processor_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_210_processor_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_212_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_212_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_4_gen_1_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_425_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_425_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_429_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_439_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_439_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_450_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_450_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_460_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_480_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_617_processor_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_617_processor_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_625_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_625_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_626_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_626_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_630_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_632_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_632_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_636_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_650_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_650_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_652_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_652_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_653_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_653_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_660_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_662_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_665_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_670_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_675_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_680_4g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_690_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_695_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_710_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_720g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_750g_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_778g_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_780g_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_820_automotive_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_820_automotive_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_835_mobile_pc_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_845_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_855_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_865_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_888_5g_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_auto_5g_modem-rf_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x12_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x12_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x20_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x20_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x24_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x24_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x5_lte_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x50_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x55_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x65_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_xr1_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_xr2_5g_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_auto_4g_modem_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sw5100_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sw5100p_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sxr1120_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sxr2130_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:vision_intelligence_400_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "vision_intelligence_400_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9326_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9330_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9335_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9340_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9341_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9370_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9371_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9375_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9380_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9385_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3610_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3615_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3620_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3660_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3660_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3660b_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3680_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3680b_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3910_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3950_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3980_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3988_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3990_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn3999_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcn6740_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8810_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8815_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8830_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8835_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-21665", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T20:12:30.514254Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T20:12:42.222Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:02.226Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/172663/Qualcomm-Adreno-KGSL-Unchecked-Cast-Type-Confusion.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Voice \u0026 Music", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "9206 LTE Modem" }, { "status": "affected", "version": "APQ8017" }, { "status": "affected", "version": "APQ8052" }, { "status": "affected", "version": "APQ8056" }, { "status": "affected", "version": "APQ8064AU" }, { "status": "affected", "version": "APQ8076" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8031" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "C-V2X 9150" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Home Hub 100 Platform" }, { "status": "affected", "version": "MDM9250" }, { "status": "affected", "version": "MDM9628" }, { "status": "affected", "version": "MDM9650" }, { "status": "affected", "version": "MSM8108" }, { "status": "affected", "version": "MSM8209" }, { "status": "affected", "version": "MSM8608" }, { "status": "affected", "version": "MSM8996AU" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA6174" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9367" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCA9379" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8155" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm 215 Mobile Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SD 675" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD675" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SDX20M" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6250P" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 1200 Wearable Platform" }, { "status": "affected", "version": "Snapdragon 208 Processor" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 425 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 439 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 450 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 617 Processor" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 630 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 632 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 636 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 650 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 652 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 653 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 665 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 710 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon Wear 4100+ Platform" }, { "status": "affected", "version": "Snapdragon X12 LTE Modem" }, { "status": "affected", "version": "Snapdragon X20 LTE Modem" }, { "status": "affected", "version": "Snapdragon X24 LTE Modem" }, { "status": "affected", "version": "Snapdragon X5 LTE Modem" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9330" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9371" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN3999" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in Graphics while importing a file." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-704", "description": "CWE-704 Incorrect Type Conversion or Cast", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:28:01.456Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" }, { "url": "http://packetstormsecurity.com/files/172663/Qualcomm-Adreno-KGSL-Unchecked-Cast-Type-Confusion.html" } ], "title": "Incorrect Type Conversion or Cast in Graphics" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2023-21665", "datePublished": "2023-05-02T05:08:57.440Z", "dateReserved": "2022-12-07T02:58:25.873Z", "dateUpdated": "2024-08-02T09:44:02.226Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21513
Vulnerability from cvelistv5
Published
2023-06-28 00:00
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Samsung Mobile | Samsung Mobile Devices |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.091Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Samsung Mobile Devices", "vendor": "Samsung Mobile", "versions": [ { "lessThan": "SMR Jun-2023 Release 1", "status": "affected", "version": "Android 11, 12, 13", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-28T00:00:00", "orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile" }, "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=06" } ], "source": { "discovery": "UNKNOWN" } } }, "cveMetadata": { "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "cveId": "CVE-2023-21513", "datePublished": "2023-06-28T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-02T09:44:01.091Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21108
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-239414876
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.833Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-239414876" } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21108", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.833Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20726
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:14:40.402Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6990, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 11.0, 12.0, 13.0 / OpenWrt 19.07, 21.02 / Yocto 2.6, 3.3 / RDKB 2022Q3" } ] } ], "descriptions": [ { "lang": "en", "value": "In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only)." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2023-20726", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-10-28T00:00:00", "dateUpdated": "2024-08-02T09:14:40.402Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46396
Vulnerability from cvelistv5
Published
2023-04-11 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:31:46.328Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-11T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-46396", "datePublished": "2023-04-11T00:00:00", "dateReserved": "2022-12-04T00:00:00", "dateUpdated": "2024-08-03T14:31:46.328Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46891
Vulnerability from cvelistv5
Published
2023-01-17 00:00
Modified
2024-08-03 14:47
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:47:27.740Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-46891", "datePublished": "2023-01-17T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:47:27.740Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21137
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246541702
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246541702" } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21137", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.611Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46394
Vulnerability from cvelistv5
Published
2023-03-08 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:31:46.340Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/support/arm-security-updates" }, { "tags": [ "x_transferred" ], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-08T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://developer.arm.com/support/arm-security-updates" }, { "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-46394", "datePublished": "2023-03-08T00:00:00", "dateReserved": "2022-12-04T00:00:00", "dateUpdated": "2024-08-03T14:31:46.340Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-33305
Vulnerability from cvelistv5
Published
2023-05-02 05:08
Modified
2024-08-03 08:01
Severity ?
EPSS score ?
Summary
Null pointer dereference in Modem
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Qualcomm, Inc. | Snapdragon |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T08:01:20.537Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX57M" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X70 Modem-RF System" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:27:40.687Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "Null pointer dereference in Modem" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2022-33305", "datePublished": "2023-05-02T05:08:47.586Z", "dateReserved": "2022-06-14T10:44:39.616Z", "dateUpdated": "2024-08-03T08:01:20.537Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21122
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050191
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:26.033Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050191" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21122", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:26.033Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21139
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271845008
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.906Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271845008" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21139", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.906Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21123
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050064
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050064" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21123", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-34144
Vulnerability from cvelistv5
Published
2023-05-02 05:08
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
Reachable assertion in Modem
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Qualcomm, Inc. | Snapdragon |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-34144", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-05T20:11:01.389113Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T20:11:11.752Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T08:16:17.003Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Industrial IOT", "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX57M" }, { "status": "affected", "version": "SM4450" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X70 Modem-RF System" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS due to reachable assertion in Modem during OSI decode scheduling." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:27:44.073Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "Reachable assertion in Modem" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2022-34144", "datePublished": "2023-05-02T05:08:49.075Z", "dateReserved": "2022-06-20T05:51:02.535Z", "dateUpdated": "2024-08-03T08:16:17.003Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40504
Vulnerability from cvelistv5
Published
2023-05-02 07:30
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
Reachable assertion in Modem
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Qualcomm, Inc. | Snapdragon |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:21:45.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "APQ8017" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "FSM10055" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm 215 Mobile Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SC8180X+SDX55" }, { "status": "affected", "version": "SD 455" }, { "status": "affected", "version": "SD 675" }, { "status": "affected", "version": "SD460" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD662" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD675" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX57M" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM4450" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6250P" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 425 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 427 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 435 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 439 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 450 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 630 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 632 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 636 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 665 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 710 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 712 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c Compute Platform (SC7180-AC)" }, { "status": "affected", "version": "Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) \"Rennell Pro\"" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 850 Mobile Compute Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X20 LTE Modem" }, { "status": "affected", "version": "Snapdragon X24 LTE Modem" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X70 Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "Vision Intelligence 300 Platform" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9371" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3660" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-12T16:27:47.469Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin" } ], "title": "Reachable assertion in Modem" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2022-40504", "datePublished": "2023-05-02T07:30:18.673Z", "dateReserved": "2022-09-12T09:37:28.412Z", "dateUpdated": "2024-08-03T12:21:45.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21124
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265798353
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.892Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265798353" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21124", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.892Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21115
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-258834033
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.658Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L" } ] } ], "descriptions": [ { "lang": "en", "value": "In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-258834033" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21115", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21517
Vulnerability from cvelistv5
Published
2023-06-28 00:00
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Samsung Mobile | Samsung Mobile Devices |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.521Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Samsung Mobile Devices", "vendor": "Samsung Mobile", "versions": [ { "lessThan": "SMR Jun-2023 Release 1", "status": "affected", "version": "Select devices using Exynos CP chipsets", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0026#39;Classic Buffer Overflow\u0026#39;)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-28T00:00:00", "orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile" }, "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=06" } ], "source": { "discovery": "UNKNOWN" } } }, "cveMetadata": { "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "cveId": "CVE-2023-21517", "datePublished": "2023-06-28T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-02T09:44:01.521Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-47469
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:55:08.377Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "Android10/Android11" } ] } ], "descriptions": [ { "lang": "en", "value": "In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed." } ], "providerMetadata": { "dateUpdated": "2023-05-09T01:20:30.308Z", "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "shortName": "Unisoc" }, "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ] } }, "cveMetadata": { "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "assignerShortName": "Unisoc", "cveId": "CVE-2022-47469", "datePublished": "2023-05-09T01:20:30.308Z", "dateReserved": "2022-12-15T08:22:03.068Z", "dateUpdated": "2024-08-03T14:55:08.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21143
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-268193777
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-268193777" } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21143", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.616Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21142
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262243665
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.986Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262243665" } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21142", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.986Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21102
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-05-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "descriptions": [ { "lang": "en", "value": "In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-05-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21102", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21126
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271846393
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.973Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271846393" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21126", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.973Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21095
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-242704576
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:26.060Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-242704576" } ], "problemTypes": [ { "descriptions": [ { "description": "Information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21095", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:26.060Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21127
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-275418191
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.690Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-275418191" } ], "problemTypes": [ { "descriptions": [ { "description": "Remote code execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21127", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.690Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21136
Vulnerability from cvelistv5
Published
2023-06-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246542285
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.675Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android-11 Android-12 Android-12L Android-13" } ] } ], "descriptions": [ { "lang": "en", "value": "In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246542285" } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-06-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21136", "datePublished": "2023-06-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.675Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20697
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:14:40.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 11.0, 12.0, 13.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2023-20697", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-10-28T00:00:00", "dateUpdated": "2024-08-02T09:14:40.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21106
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:28
Severity ?
EPSS score ?
Summary
In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:28:25.927Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://source.android.com/security/bulletin/2023-05-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "descriptions": [ { "lang": "en", "value": "In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "url": "https://source.android.com/security/bulletin/2023-05-01" } ] } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2023-21106", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-02T09:28:25.927Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20694
Vulnerability from cvelistv5
Published
2023-05-15 00:00
Modified
2024-08-02 09:14
Severity ?
EPSS score ?
Summary
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:14:40.774Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6789, MT6853, MT6855, MT6873, MT6879, MT6880, MT6885, MT6890, MT6895, MT6983, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 12.0, 13.0 / OpenWrt 19.07, 21.02" } ] } ], "descriptions": [ { "lang": "en", "value": "In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only)." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-15T00:00:00", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/May-2023" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2023-20694", "datePublished": "2023-05-15T00:00:00", "dateReserved": "2022-10-28T00:00:00", "dateUpdated": "2024-08-02T09:14:40.774Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-47488
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:55:08.168Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "Android10/Android11/Android12/Android13" } ] } ], "descriptions": [ { "lang": "en", "value": "In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], "providerMetadata": { "dateUpdated": "2023-05-09T01:20:34.945Z", "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "shortName": "Unisoc" }, "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ] } }, "cveMetadata": { "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "assignerShortName": "Unisoc", "cveId": "CVE-2022-47488", "datePublished": "2023-05-09T01:20:34.945Z", "dateReserved": "2022-12-15T08:22:03.072Z", "dateUpdated": "2024-08-03T14:55:08.168Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-47470
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:55:08.140Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.", "versions": [ { "status": "affected", "version": "Android10/Android11" } ] } ], "descriptions": [ { "lang": "en", "value": "In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed." } ], "providerMetadata": { "dateUpdated": "2023-05-09T01:20:31.535Z", "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "shortName": "Unisoc" }, "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761" } ] } }, "cveMetadata": { "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3", "assignerShortName": "Unisoc", "cveId": "CVE-2022-47470", "datePublished": "2023-05-09T01:20:31.535Z", "dateReserved": "2022-12-15T08:22:03.068Z", "dateUpdated": "2024-08-03T14:55:08.140Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.