Google: >> Android >> 11.0 Security Vulnerabilities
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-248251018
CVSS Score
3.3
EPSS Score
0.0
Published
2023-02-28
In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-28
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240267890
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-28
In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-28
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In log service, there is a missing permission check. This could lead to local denial of service in log service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12