Android Google Android Mobile operating system

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Google Android.

Recent Google Android Security Advisories

Advisory Title Published
2024-12-01 Android Security Bulletin December 2024 December 1, 2024
Android Security Bulletin—September 2018 | Android Open Source Project November 19, 2024
Android Security Bulletin—July 2018 | Android Open Source Project November 19, 2024
Android Security Bulletin—June 2018 | Android Open Source Project November 14, 2024
Android Security Bulletin November 2024 | Android Open Source Project November 13, 2024
2024-11-01 Android Security Bulletin November 2024 November 1, 2024
Pixel Update Bulletin—October 2024 | Android Open Source Project October 25, 2024
2024-10-01 Android Security Bulletin October 2024 October 1, 2024
Pixel Update Bulletin—September 2024 | Android Open Source Project September 13, 2024
2024-09-01 Android Security Bulletin—September 2024 September 1, 2024

By the Year

In 2024 there have been 546 vulnerabilities in Google Android with an average score of 7.2 out of ten. Last year Android had 744 security vulnerabilities published. Right now, Android is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.45.

Year Vulnerabilities Average Score
2024 546 7.17
2023 744 6.72
2022 900 6.45
2021 574 6.60
2020 699 7.00
2019 491 7.11
2018 294 7.58

It may take a day or so for new Android vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Google Android Security Vulnerabilities

Android RIL Component Integer Overflow Leading to Local Privilege Escalation

CVE-2018-9404 - December 05, 2024

In oemCallback of ril.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Android Bluetooth SDP Discovery Out-of-Bounds Read Vulnerability

CVE-2018-9441 - December 03, 2024

In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Android Bluetooth SDP Discovery Out-of-Bounds Read Vulnerability

CVE-2018-9449 - December 03, 2024

In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Bluetooth Stack Buffer Overflow Vulnerability in dtif_rc.cc

CVE-2018-9418 - December 02, 2024

In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Android RSA Key Pair Generation Weakness in RSAKeyPairGenerator

CVE-2018-9426 - December 02, 2024

In  RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin Fix: The fix is designed to correctly implement the key generation according to FIPS standard.

Android System UI Out-of-Bounds Read Vulnerability in ItemTable

CVE-2018-9429 - December 02, 2024

In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Android Bluetooth Stack Out-of-Bounds Write Vulnerability in btif_storage.cc

CVE-2018-9430 - December 02, 2024

In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Android OSUInfo Privilege Escalation Vulnerability

CVE-2018-9431 - December 02, 2024

In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Bluetooth GATT Client Out-of-Bounds Read Vulnerability

CVE-2018-9435 - December 02, 2024

In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Bluetooth Stack Remote Code Execution Vulnerability in Android

CVE-2018-9413 - December 02, 2024

In handle_notification_response of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Android Bluetooth GATT Server Out-of-Bounds Write Vulnerability

CVE-2018-9414 - December 02, 2024

In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Android Bluetooth Stack Out-of-Bounds Write Vulnerability in l2c_lcc_proc_pdu

CVE-2018-9380 - December 02, 2024

In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Bluetooth Stack Information Disclosure Vulnerability in Android

CVE-2018-9381 - December 02, 2024

In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory corruption while processing API calls to NPU with invalid input.

CVE-2024-43052 7.8 - High - December 02, 2024

Memory corruption while processing API calls to NPU with invalid input.

Improper Input Validation

Memory corruption when invalid input is passed to invoke GPU Headroom API call.

CVE-2024-43048 7.8 - High - December 02, 2024

Memory corruption when invalid input is passed to invoke GPU Headroom API call.

Stack Overflow

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

CVE-2024-33056 8.4 - High - December 02, 2024

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Buffer Over-read

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

CVE-2024-33044 8.4 - High - December 02, 2024

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

out-of-bounds array index

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside

CVE-2024-33063 7.5 - High - December 02, 2024

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.

Integer Overflow or Wraparound

MediaTek vdec Out-of-Bounds Write Vulnerability

CVE-2024-20125 - December 02, 2024

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.

RIL Out-of-Bounds Write Vulnerability in Android

CVE-2024-20134 - December 02, 2024

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866.

Android SoundTrigger Out-of-Bounds Write Vulnerability

CVE-2024-20135 - December 02, 2024

In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issue ID: MSV-1841.

Android PackageManagerService Local Privilege Escalation Vulnerability

CVE-2018-9374 - November 28, 2024

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Android ih264e_fmt_conv_420p_to_420sp Out-of-Bounds Read Vulnerability

CVE-2018-9351 - November 27, 2024

In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

Divide by Zero Vulnerability in VideoFrameScheduler of Android

CVE-2018-9354 - November 27, 2024

In VideoFrameScheduler.cpp of VideoFrameScheduler::PLL::fit, there is a possible remote denial of service due to divide by 0. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

Android RecognitionService Permissions Bypass Vulnerability

CVE-2017-13316 - November 27, 2024

In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Stagefright Media Library Buffer Overread Vulnerability

CVE-2017-13319 - November 27, 2024

In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Audio Playback Information Disclosure Vulnerability

CVE-2017-18307 8.4 - High - November 26, 2024

Information disclosure possible while audio playback.

Information Disclosure

Android MediaServer Heap Use-After-Free via Crafted Binder Request

CVE-2018-11816 7.8 - High - November 26, 2024

Crafted Binder Request Causes Heap UAF in MediaServer

Dangling pointer

Android Framework WiFi Information Disclosure Vulnerability

CVE-2020-12492 - November 25, 2024

Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information.

Android Framework Service Permissions Misconfiguration Leading to Information Leakage

CVE-2020-12491 - November 25, 2024

Improper control of framework service permissions with possibility of some sensitive device information leakage.

Bluetooth Stack Use-After-Free Vulnerability in Android

CVE-2018-9483 - November 20, 2024

In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Vpn.java Local Denial of Service Vulnerability

CVE-2018-9487 - November 20, 2024

In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

Android Bluetooth HID Host Out-of-Bounds Read Vulnerability

CVE-2018-9486 - November 20, 2024

In hidh_l2cif_data_ind of hidh_conn.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Bluetooth Stack Out-of-Bounds Read Vulnerability in l2cble_process_sig_cmd

CVE-2018-9485 - November 20, 2024

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

Bluetooth Stack Out-of-Bounds Read Vulnerability in Android

CVE-2018-9484 - November 20, 2024

In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Bluetooth Service Integer Overflow Vulnerability

CVE-2018-9482 - November 20, 2024

In intr_data_copy_cb of btif_hd.cc, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Bluetooth Service Integer Overflow Vulnerability in Android

CVE-2018-9481 - November 20, 2024

In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Bluetooth Service Out-of-Bounds Read Vulnerability in Android

CVE-2018-9480 - November 20, 2024

In bta_hd_get_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Bluetooth SDP Server Out-of-Bounds Write Vulnerability

CVE-2018-9479 - November 20, 2024

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed.  User interaction is not needed for exploitation.

Android Bluetooth SDP Server Out-of-Bounds Write Vulnerability

CVE-2018-9478 - November 20, 2024

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed.  User interaction is not needed for exploitation.

Android Settings App Authentication Bypass Vulnerability

CVE-2018-9477 - November 20, 2024

In the development options section of the Settings app, there is a possible authentication bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Android Bluetooth Stack Overflow Vulnerability in HeadsetInterface

CVE-2018-9475 - November 20, 2024

In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote escalation of privilege via Bluetooth, if the recipient has enabled SIP calls with no additional execution privileges needed. User interaction is not needed for exploitation.

Android MediaPlayer Serialization/Deserialization Mismatch Vulnerability

CVE-2018-9474 - November 20, 2024

In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android NanoAppFilter Type Confusion Local Privilege Escalation Vulnerability

CVE-2018-9471 - November 20, 2024

In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.

Android BFF Scanner Out-of-Bounds Write Vulnerability

CVE-2018-9470 - November 20, 2024

In bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation.

Android ShortcutService Privilege Escalation Vulnerability

CVE-2018-9469 - November 20, 2024

In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileges needed. User interaction is needed for exploitation.

Android DownloadManager Permissions Bypass Vulnerability

CVE-2018-9468 - November 20, 2024

In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.

Android UriTest Incorrect Web Origin Determination Vulnerability

CVE-2018-9467 9.8 - Critical - November 20, 2024

In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction is not needed for exploitation.

Android XML Parsing Out-of-Bounds Write Vulnerability

CVE-2018-9466 8.8 - High - November 19, 2024

In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation.

Memory Corruption

Bluetooth Stack Out-of-Bounds Read Vulnerability in SDP Attribute Sequence Extraction

CVE-2018-9456 7.5 - High - November 19, 2024

In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

Android M3UParser Resource Exhaustion Vulnerability

CVE-2018-9440 6.5 - Medium - November 19, 2024

In parse of M3UParser.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

Android BluetoothPermissionActivity Permissions Bypass Vulnerability

CVE-2018-9432 7.8 - High - November 19, 2024

In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.

Android AAudioServiceStreamBase Use-After-Free Vulnerability

CVE-2018-9428 7.8 - High - November 19, 2024

In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free. This could lead to local arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. https://source.android.com/security/bulletin/2018-07-01

Memory Corruption

Android CryptoPlugin Out-of-Bounds Write Vulnerability

CVE-2018-9424 7.8 - High - November 19, 2024

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android Parcel Binder Information Disclosure Vulnerability

CVE-2018-9421 5.5 - Medium - November 19, 2024

In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Use of Uninitialized Resource

Android CameraService Information Disclosure Vulnerability

CVE-2018-9420 5.5 - Medium - November 19, 2024

In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Use of Uninitialized Resource

Bluetooth Stack Out-of-Bounds Read Vulnerability in Android

CVE-2018-9419 7.5 - High - November 19, 2024

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

Android USB HID Gadget Driver Use-After-Free Vulnerability

CVE-2018-9417 7.8 - High - November 19, 2024

In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

Android Media Framework ID3 Parser Resource Exhaustion Vulnerability

CVE-2018-9412 5.5 - Medium - November 19, 2024

In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

ClearKeyCasPlugin Out-of-Bounds Write Vulnerability

CVE-2018-9411 8.8 - High - November 19, 2024

In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Memory Corruption

V8 JavaScript Engine: Type Confusion in ArrayConcatVisitor

CVE-2018-9433 8.8 - High - November 19, 2024

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Bluetooth Stack Out-of-Bounds Read Vulnerability in Android

CVE-2018-9365 - November 19, 2024

In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Android FontUtils Out-of-Bounds Read Vulnerability

CVE-2018-9410 5.5 - Medium - November 19, 2024

In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

LG LAF Component Secure Boot Bypass Vulnerability

CVE-2018-9364 7.5 - High - November 19, 2024

In the LG LAF component, there is a special command that allowed modification of certain partitions. This could lead to bypass of secure boot. User interaction is not needed for exploitation.

Integer Overflow in Qualcomm IMSA Client and Video Telephony Components

CVE-2018-9366 7.8 - High - November 19, 2024

In IMSA_Recv_Thread and VT_IMCB_Thread of ImsaClient.cpp and VideoTelephony.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Integer Overflow or Wraparound

FT_ACDK_CCT_V2_OP_ISP_SET_TUNING_PARAS Out-of-Bounds Write Vulnerability in MediaTek

CVE-2018-9367 7.8 - High - November 19, 2024

In FT_ACDK_CCT_V2_OP_ISP_SET_TUNING_PARAS of Meta_CCAP_Para.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

MTK SCO Audio Kernel Memory Write Vulnerability

CVE-2018-9368 7.8 - High - November 19, 2024

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system  execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Memory Corruption Vulnerability in Linux Kernel's Download Component

CVE-2018-9370 7.3 - High - November 19, 2024

In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Memory Corruption

Mediatek Preloader Out-of-Bounds Memory Access Vulnerability

CVE-2018-9371 6.4 - Medium - November 19, 2024

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.

Out-of-bounds Read

SMF_ParseMetaEvent Integer Overflow Vulnerability in Android

CVE-2018-9348 6.5 - Medium - November 19, 2024

In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overflow. This could lead to remote denial of service due to resource exhaustion with no additional execution privileges needed. User interaction is needed for exploitation.

Integer Overflow or Wraparound

Android Bootloader Fastboot Command Local Privilege Escalation Vulnerability

CVE-2018-9369 7.3 - High - November 19, 2024

In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Android Graphics HAL Out-of-Bounds Write Vulnerability

CVE-2018-9409 - November 19, 2024

In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

VLC Media Player: Out-of-Bounds Write in impeg2d_mc_fullx_fully Function

CVE-2018-9341 7.8 - High - November 19, 2024

In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Memory Corruption

Exynos Baseband: Use After Free in DescramblerImpl.cpp

CVE-2018-9344 7.8 - High - November 19, 2024

In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Locking

Android Parcel Type Confusion Privilege Escalation Vulnerability

CVE-2018-9339 7.8 - High - November 19, 2024

In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Object Type Confusion

Android ResourceTypes Out-of-Bounds Information Disclosure Vulnerability

CVE-2018-9340 5.5 - Medium - November 19, 2024

In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.

Out-of-bounds Read

Android AudioPolicyService Information Disclosure Vulnerability

CVE-2018-9345 5.5 - Medium - November 19, 2024

In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Use of Uninitialized Resource

Android AudioPolicyService Information Disclosure Vulnerability

CVE-2018-9346 5.5 - Medium - November 19, 2024

In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Use of Uninitialized Resource

Android DcParamObject Permission Bypass Vulnerability

CVE-2017-13315 - November 19, 2024

In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.

Android ResourceTypes Out-of-Bounds Write Vulnerability

CVE-2018-9338 7.8 - High - November 19, 2024

In ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android PermissionManagerServiceImpl Local Privilege Escalation Vulnerability

CVE-2023-21270 - November 19, 2024

In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Android NetworkManagementService Security Bypass Vulnerability

CVE-2017-13314 - November 15, 2024

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Stagefright Vulnerability in ESQueue.cpp Leading to Remote DoS

CVE-2017-13313 - November 15, 2024

In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

Android ViewPager Serialization Vulnerability

CVE-2017-13310 - November 15, 2024

In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

Android ProcessStats.java read() Function Permissions Bypass Vulnerability

CVE-2017-13311 - November 15, 2024

In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

Android MediaCas Local Privilege Escalation Vulnerability

CVE-2017-13312 - November 15, 2024

In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation.

In the autofill service, the package name that is provided by the app process is trusted inappropriately

CVE-2017-13227 5.5 - Medium - November 14, 2024

In the autofill service, the package name that is provided by the app process is trusted inappropriately.  This could lead to information disclosure with no additional execution privileges needed.  User interaction is not needed for exploitation.

Android AdminRestrictedPermissionsUtils Local Privilege Escalation via Missing Permission Check

CVE-2024-40661 - November 13, 2024

In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

PowerVR Graphics Driver Kernel-Mode Driver Local Privilege Escalation Vulnerability

CVE-2023-35686 7.8 - High - November 13, 2024

In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code

CVE-2023-35659 7.8 - High - November 13, 2024

In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Android DevmemIntChangeSparse2 Local Privilege Escalation Vulnerability

CVE-2024-40671 - November 13, 2024

In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android WifiConfigurationUtil Resource Exhaustion Denial of Service Vulnerability

CVE-2024-43083 - November 13, 2024

In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Android: Cross-User Image Read Vulnerability Due to Missing Permission Check

CVE-2024-43090 - November 13, 2024

In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.

Android MediaProvider Local Privilege Escalation Vulnerability

CVE-2024-43089 - November 13, 2024

In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android AppInfoBase Permission Manipulation Vulnerability

CVE-2024-43088 - November 13, 2024

In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Accessibility Service Settings Privilege Escalation Vulnerability

CVE-2024-43087 - November 13, 2024

In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Android AppRestrictionsFragment Unsafe Deserialization Privilege Escalation Vulnerability

CVE-2024-43080 - November 13, 2024

In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Android SurfaceFlinger Local Privilege Escalation Vulnerability

CVE-2024-40660 - November 13, 2024

In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android UsbDeviceManager Logic Error Allows Local Privilege Escalation

CVE-2024-43085 - November 13, 2024

In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android Package Installer Privilege Escalation Vulnerability

CVE-2024-43081 - November 13, 2024

In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Google Android or by Google? Click the Watch button to subscribe.

Google
Vendor

Google Android
Mobile operating system

subscribe