CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0632
https://notcve.org/view.php?id=CVE-2021-0632
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383. En wifi driver, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2021 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0631
https://notcve.org/view.php?id=CVE-2021-0631
In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551435; Issue ID: ALPS05551435. En wifi driver, se presenta un posible fallo del sistema debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2021 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0630
https://notcve.org/view.php?id=CVE-2021-0630
In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551397; Issue ID: ALPS05551397. En wifi driver, se presenta un posible bloqueo del sistema debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2021 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0870 – Android NFC Type Confusion
https://notcve.org/view.php?id=CVE-2021-0870
In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262 En la función RW_SetActivatedTagType del archivo rw_main.cc, se presenta una posible corrupción de memoria debido a una condición de carrera. Esto podría conllevar a una ejecución de código remota sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • http://packetstormsecurity.com/files/164704/Android-NFC-Type-Confusion.html https://source.android.com/security/bulletin/2021-10-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0652
https://notcve.org/view.php?id=CVE-2021-0652
In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568 En la función VectorDrawable::VectorDrawable del archivo VectorDrawable.java, se presenta una posible forma de introducir una corrupción de memoria debido a la compartición de objetos no seguros para hilos. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • https://source.android.com/security/bulletin/2021-10-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •