CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35690
https://notcve.org/view.php?id=CVE-2023-35690
In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Hay elevación de privilegios. • https://source.android.com/security/bulletin/2023-12-01 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35668
https://notcve.org/view.php?id=CVE-2023-35668
In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. En visitUris de Notification.java, existe una forma posible de mostrar imágenes de otro usuario debido a un diputado confundido. Esto podría dar lugar a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://android.googlesource.com/platform/frameworks/base/+/b7bd7df91740da680a5c3a84d8dd91b4ca6956dd https://source.android.com/security/bulletin/2023-12-01 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21403
https://notcve.org/view.php?id=CVE-2023-21403
In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Hay elevación de privilegios. • https://source.android.com/security/bulletin/2023-12-01 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21402
https://notcve.org/view.php?id=CVE-2023-21402
In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Hay elevación de privilegios. • https://source.android.com/security/bulletin/2023-12-01 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21401
https://notcve.org/view.php?id=CVE-2023-21401
In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Hay elevación de privilegios. • https://source.android.com/security/bulletin/2023-12-01 •