Google: >> Android >> 8.1 Security Vulnerabilities
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-10-25
In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568
CVSS Score
7.8
EPSS Score
0.0
Published
2021-10-22
In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-183262161
CVSS Score
7.8
EPSS Score
0.0
Published
2021-10-22
In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262
CVSS Score
8.1
EPSS Score
0.009
Published
2021-10-22
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
7.2
EPSS Score
0.002
Published
2021-10-06
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
7.2
EPSS Score
0.002
Published
2021-10-06
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.
CVSS Score
4.4
EPSS Score
0.003
Published
2021-10-06
An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.
CVSS Score
6.4
EPSS Score
0.0
Published
2021-10-06
Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-10-06
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-10-06