|
199361
|
7.8 |
HIGH
Local
|
google
|
android
|
In MMU_MapPages of TBD, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0943
|
2024-11-21 14:43 |
2022-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199362
|
9.8 |
CRITICAL
Network
|
google
|
android
|
The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayDa…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-0942
|
2024-11-21 14:43 |
2022-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199363
|
7.8 |
HIGH
Local
|
google
|
android
|
In PVRSRVBridgePMRPDumpSymbolicAddr of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2021-0871
|
2024-11-21 14:43 |
2022-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199364
|
7.0 |
HIGH
Local
|
google
|
android
|
In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible user after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges ne…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2021-0697
|
2024-11-21 14:43 |
2022-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199365
|
7.5 |
HIGH
Network
|
google
|
android
|
The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLSer…
|
CWE-909
Missing Initialization of Resource
|
CVE-2021-0947
|
2024-11-21 14:43 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199366
|
7.5 |
HIGH
Network
|
google
|
android
|
The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method P…
|
CWE-909
Missing Initialization of Resource
|
CVE-2021-0946
|
2024-11-21 14:43 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199367
|
7.5 |
HIGH
Network
|
google
|
android
|
An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490
|
CWE-269
Improper Privilege Management
|
CVE-2021-0891
|
2024-11-21 14:43 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199368
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privilege…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2021-0887
|
2024-11-21 14:43 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199369
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges n…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2021-0698
|
2024-11-21 14:43 |
2022-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199370
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In USB Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosur…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-0975
|
2024-11-21 14:43 |
2022-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
