whekin.blogg.se

User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-150944913

This could lead to local information disclosure with no additional execution privileges needed. In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bounds read due to a use after free. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616 This could lead to local escalation of privilege with no additional execution privileges needed. In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109 In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754 In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 This could lead to remote code execution over Bluetooth with no additional execution privileges needed. In reassemble_and_dispatch of packet_, there is possible out of bounds write due to an incorrect bounds calculation. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520 This could lead to a local escalation of privilege with no additional execution privileges needed. It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304 User interaction is not needed for exploitation.

In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly.