CVE-2022-38683
https://notcve.org/view.php?id=CVE-2022-38683
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de contactos, falta una verificación de permiso. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVE-2022-32636
https://notcve.org/view.php?id=CVE-2022-32636
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVE-2022-32637
https://notcve.org/view.php?id=CVE-2022-32637
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVE-2022-32635
https://notcve.org/view.php?id=CVE-2022-32635
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573237. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-787: Out-of-bounds Write •
CVE-2022-20411
https://notcve.org/view.php?id=CVE-2022-20411
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-232023771 En avdt_msg_asmbl de avdt_msg.cc, hay una posible escritura fuera de los límites debido a una comprobación de los límites faltante. Esto podría llevar a la ejecución remota de código a través de Bluetooth sin necesidad de privilegios de ejecución adicionales. No se necesita la interacción del usuario para la explotación.Producto: AndroidVersiones: Android-10 Android-11 Android-12 Android-12L Android-13ID de Android: A-232023771 • https://source.android.com/security/bulletin/2022-12-01 • CWE-787: Out-of-bounds Write •