CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-0349
https://notcve.org/view.php?id=CVE-2021-0349
In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05362646. En el controlador de pantalla, se presenta una posible corrupción de la memoria debido a un uso de la memoria previamente liberada. • https://corp.mediatek.com/product-security-acknowledgements • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-0348
https://notcve.org/view.php?id=CVE-2021-0348
In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05349201. En vpu, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-acknowledgements • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0347
https://notcve.org/view.php?id=CVE-2021-0347
In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05377188. En ccu, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-acknowledgements • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26687
https://notcve.org/view.php?id=CVE-2021-26687
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. En aplicaciones precargadas, el HostnameVerified es manejado inapropiadamente. • https://lgsecurity.lge.com •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26689
https://notcve.org/view.php?id=CVE-2021-26689
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. El gadget laf USB presenta un uso de la memoria previamente liberada. • https://lgsecurity.lge.com • CWE-416: Use After Free •