CVE-2023-20979
https://notcve.org/view.php?id=CVE-2023-20979
In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259939364 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVE-2023-20966
https://notcve.org/view.php?id=CVE-2023-20966
In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242299736 • https://source.android.com/security/bulletin/2023-03-01 • CWE-787: Out-of-bounds Write •
CVE-2023-20996
https://notcve.org/view.php?id=CVE-2023-20996
In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749764 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2023-21009
https://notcve.org/view.php?id=CVE-2023-21009
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029925 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-125: Out-of-bounds Read •
CVE-2023-21031
https://notcve.org/view.php?id=CVE-2023-21031
In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •