CVE-2022-47339
https://notcve.org/view.php?id=CVE-2022-47339
In cmd services, there is a OS command injection issue due to missing permission check. This could lead to local escalation of privilege with system execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210 • CWE-862: Missing Authorization •
CVE-2022-38684
https://notcve.org/view.php?id=CVE-2022-38684
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de contactos, falta una verificación de permiso. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVE-2022-39118
https://notcve.org/view.php?id=CVE-2022-39118
In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. En el controlador sprd_sysdump, existe una posible escritura fuera de los límites debido a una comprobación de los límites faltante. Esto podría provocar una denegación de servicio local en el kernel. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2022-44436
https://notcve.org/view.php?id=CVE-2022-44436
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de mensajería, falta una verificación de permisos. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVE-2022-39082
https://notcve.org/view.php?id=CVE-2022-39082
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-862: Missing Authorization •