Product:

Android

(Google)
Repositories https://github.com/torvalds/linux
#Vulnerabilities 7210
Date Id Summary Products Score Patch Annotated
2023-03-24 CVE-2023-21061 Product: AndroidVersions: Android kernelAndroid ID: A-229255400References: N/A Android 7.5
2023-03-24 CVE-2023-21067 Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A Android 7.5
2023-03-24 CVE-2023-21068 In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and passing the phone to a new user, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243433344References: N/A Android 7.8
2023-03-24 CVE-2023-21042 In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239873326References: N/A Android 6.7
2024-03-11 CVE-2024-22011 In ss_ProcessRejectComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android 7.5
2024-03-11 CVE-2024-27218 In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android 5.5
2024-03-11 CVE-2024-27227 A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues Android 9.8
2024-03-11 CVE-2024-27229 In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Android 7.5
2024-03-11 CVE-2024-27237 In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android 5.5
2025-02-03 CVE-2025-20635 In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09403752; Issue ID: MSV-2434. Android, Yocto, Openwrt, Rdk\-B 6.6