CVE-2023-20930
https://notcve.org/view.php?id=CVE-2023-20930
In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-250576066 • https://source.android.com/security/bulletin/2023-05-01 • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-20673
https://notcve.org/view.php?id=CVE-2023-20673
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-21110
https://notcve.org/view.php?id=CVE-2023-21110
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365 • https://source.android.com/security/bulletin/2023-05-01 • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-20706
https://notcve.org/view.php?id=CVE-2023-20706
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-125: Out-of-bounds Read •
CVE-2023-20711
https://notcve.org/view.php?id=CVE-2023-20711
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-125: Out-of-bounds Read •