CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48421
https://notcve.org/view.php?id=CVE-2023-48421
08 Dec 2023 — In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. En gpu_pixel_handle_buffer_liveness_update_ioctl de private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, existe una posible escritura fuera de los límite... • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48420
https://notcve.org/view.php?id=CVE-2023-48420
08 Dec 2023 — there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Existe un posible use after free debido a una condición de ejecución. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48416
https://notcve.org/view.php?id=CVE-2023-48416
08 Dec 2023 — In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. En varias ubicaciones, existe una posible desreferencia nula debido a que falta una verificación nula. Esto podría provocar una denegación remota de servicio sin necesidad de privilegios de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48415
https://notcve.org/view.php?id=CVE-2023-48415
08 Dec 2023 — In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. En Init de protocolembmsadapter.cpp, existe una posible lectura fuera de los límites debido a una verificación de los límites faltantes. Esto podría dar lugar a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48414
https://notcve.org/view.php?id=CVE-2023-48414
08 Dec 2023 — In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. En Pixel Camera Driver, existe un posible use after free debido a un error lógico en el código. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48413
https://notcve.org/view.php?id=CVE-2023-48413
08 Dec 2023 — In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. En Init de protocolnetadapter.cpp, existe una posible lectura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a la divulgación remota de información con privilegios de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48412
https://notcve.org/view.php?id=CVE-2023-48412
08 Dec 2023 — In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. En private_handle_t de mali_gralloc_buffer.h, existe una posible fuga de información debido a un error lógico en el código. Esto podría dar lugar a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48411
https://notcve.org/view.php?id=CVE-2023-48411
08 Dec 2023 — In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. En SignalStrengthAdapter::FillGsmSignalStrength() de protocolmiscadapter.cpp, existe una posible lectura fuera de los límites debido a una verificación de los límites faltantes. Esto podría dar lugar a la divulgación de inf... • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48410
https://notcve.org/view.php?id=CVE-2023-48410
08 Dec 2023 — In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. En cd_ParseMsg de cd_codec.c, hay una posible lectura fuera de los límites debido a una comprobación de los límites faltantes. Esto podría conducir a la divulgación remota de información sin necesidad de privilegios de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48409
https://notcve.org/view.php?id=CVE-2023-48409
08 Dec 2023 — In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. En gpu_pixel_handle_buffer_liveness_update_ioctl de private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, existe una posible escritura fuera de los límites debido a un desbor... • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-190: Integer Overflow or Wraparound •