Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Android
(Google)| Repositories | https://github.com/torvalds/linux |
| #Vulnerabilities | 7192 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-03-26 | CVE-2021-25369 | An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. | Android | 5.5 | ||
| 2021-03-26 | CVE-2021-25370 | An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | Android | 4.4 | ||
| 2021-03-26 | CVE-2021-25371 | A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | Android | 6.7 | ||
| 2021-03-26 | CVE-2021-25372 | An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | Android | 6.7 | ||
| 2021-04-06 | CVE-2021-30162 | An issue was discovered on LG mobile devices with Android OS 4.4 through 11 software. Attackers can leverage ISMS services to bypass access control on specific content providers. The LG ID is LVE-SMP-210003 (April 2021). | Android | 7.1 | ||
| 2021-04-06 | CVE-2021-30161 | An issue was discovered on LG mobile devices with Android OS 11 software. Attackers can bypass the lockscreen protection mechanism after an incoming call has been terminated. The LG ID is LVE-SMP-210002 (April 2021). | Android | 5.5 | ||
| 2021-04-09 | CVE-2021-25356 | An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | Android | 8.8 | ||
| 2021-04-09 | CVE-2021-25357 | A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O(8.x) and P(9.0), 3.4.81.1 in Android Q(10,0), and 3.6.80.7 in Android R(11.0) allows unprivileged applications to access contact information. | Android | 5.5 | ||
| 2021-04-09 | CVE-2021-25358 | A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications. | Android | 3.3 | ||
| 2021-04-09 | CVE-2021-25359 | An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications. | Android | 3.3 |