CVE-2023-21111
https://notcve.org/view.php?id=CVE-2023-21111
In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 • https://source.android.com/security/bulletin/2023-05-01 • CWE-20: Improper Input Validation •
CVE-2023-20719
https://notcve.org/view.php?id=CVE-2023-20719
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •
CVE-2023-21117
https://notcve.org/view.php?id=CVE-2023-21117
In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101 • https://source.android.com/security/bulletin/2023-05-01 •
CVE-2023-20720
https://notcve.org/view.php?id=CVE-2023-20720
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •
CVE-2023-20707
https://notcve.org/view.php?id=CVE-2023-20707
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •