SB2023050131 - Multiple vulnerabilities in Google Android
Published: May 1, 2023 Updated: May 16, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 45 secuirty vulnerabilities.
1) Reachable Assertion (CVE-ID: CVE-2022-40508)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
2) Reachable Assertion (CVE-ID: CVE-2022-40504)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
3) Reachable Assertion (CVE-ID: CVE-2022-34144)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
4) NULL Pointer Dereference (CVE-ID: CVE-2022-33305)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
5) Buffer over-read (CVE-ID: CVE-2022-33273)
The vulnerability allows a local application to read and manipulate data.
The vulnerability exists due to improper input validation in Trusted Execution Environment. A local application can read and manipulate data.
6) Memory corruption (CVE-ID: CVE-2022-25713)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Automotive. A local application can execute arbitrary code.
7) Memory leak (CVE-ID: CVE-2023-21666)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Graphics. A local application can execute arbitrary code.
8) Type conversion (CVE-ID: CVE-2023-21665)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Graphics. A local application can execute arbitrary code.
9) Use-after-free (CVE-ID: CVE-2022-46891)
The vulnerability allows a local application to escalate privileges on the system.
10) Out-of-bounds read (CVE-ID: CVE-2022-46396)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A local application can trigger an out-of-bounds read error and read contents of memory on the system.
11) Use-after-free (CVE-ID: CVE-2022-46395)
The vulnerability allows a local application to escalate privileges on the system.
12) Use-after-free (CVE-ID: CVE-2023-0266)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_ctl_elem_read() function in the Linux kernel sound subsystem. A local user can trigger a use-after-free error and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited in the wild.
13) Improper input validation (CVE-ID: CVE-2023-21111)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.
14) Improper input validation (CVE-ID: CVE-2023-21116)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
15) Information exposure (CVE-ID: CVE-2023-20914)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
16) Improper input validation (CVE-ID: CVE-2023-21117)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
17) Improper input validation (CVE-ID: CVE-2023-21109)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
18) Improper input validation (CVE-ID: CVE-2022-20338)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
19) Information exposure (CVE-ID: CVE-2023-21118)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
20) Information exposure (CVE-ID: CVE-2023-21104)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
21) Improper input validation (CVE-ID: CVE-2023-21103)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.
22) Information exposure (CVE-ID: CVE-2023-21112)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
23) Improper input validation (CVE-ID: CVE-2023-21110)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Frameworks component. A local application can execute arbitrary code.
24) Improper input validation (CVE-ID: CVE-2023-21107)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
25) Improper input validation (CVE-ID: CVE-2023-20930)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
26) Buffer overflow (CVE-ID: CVE-2023-26085)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in the Arm NNAPI driver. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
27) Double Free (CVE-ID: CVE-2023-21106)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the adreno_set_param() function in adreno_gpu.c. A local application can trigger a double free error and execute arbitrary code with elevated privileges.
28) Security features bypass (CVE-ID: CVE-2023-21102)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists die to a logic error within the __efi_rt_asm_wrapper() function in efi-rt-wrapper.S. A local application can bypass the shadow stack protection and execute arbitrary code with elevated privileges.
29) Buffer overflow (CVE-ID: CVE-2021-0877)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in PowerVR-GPU. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
30) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2021-39617)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions within the Android framework. A local application can escalate privileges on the system.
31) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-20444)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions within the Android framework. A local application can escalate privileges on the system.
32) Use-after-free (CVE-ID: CVE-2022-46394)
The vulnerability allows a local application to escalate privileges on the system.
33) Out-of-bounds write (CVE-ID: CVE-2022-47469)
The vulnerability allows a local privileged application to compromise the affected device.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the ext4fsfilter driver in Kernel. A local privileged application can compromise the affected device.
34) Stack-based buffer overflow (CVE-ID: CVE-2022-47470)
The vulnerability allows a local privileged application to compromise the affected device.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the ext4fsfilter driver in Kernel. A local privileged application can compromise the affected device.
35) Stack-based buffer overflow (CVE-ID: CVE-2022-47486)
The vulnerability allows a local privileged application to compromise the affected device.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the ext4fsfilter driver in Kernel. A local privileged application can compromise the affected device.
36) Buffer overflow (CVE-ID: CVE-2022-47487)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to a possible out of bounds write due to a missing bounds check within the thermal service in Android. A remote attacker can trick the victim to open a specially crafted file and read and manipulate data.
37) Memory corruption (CVE-ID: CVE-2022-47488)
The vulnerability allows a local application to damange or delete data.
The vulnerability exists due to a possible out of bounds write due to a missing bounds check within the spipe drive in Kernel. A local application can damange or delete data.
38) Improper input validation (CVE-ID: CVE-2023-20694)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within preloader. A local privileged application can execute arbitrary code.
39) Improper input validation (CVE-ID: CVE-2023-20695)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within preloader. A local privileged application can execute arbitrary code.
40) Improper input validation (CVE-ID: CVE-2023-20696)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within preloader. A local privileged application can execute arbitrary code.
41) Improper input validation (CVE-ID: CVE-2023-20697)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within keyinstall. A local privileged application can gain access to sensitive information.
42) Improper input validation (CVE-ID: CVE-2023-20698)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within keyinstall. A local privileged application can gain access to sensitive information.
43) Improper input validation (CVE-ID: CVE-2023-20699)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within adsp. A local privileged application can execute arbitrary code.
44) Improper Access Control (CVE-ID: CVE-2023-20726)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing permission check within mnld. A local application can gain access to sensitive information.
45) Improper input validation (CVE-ID: CVE-2023-20993)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
Remediation
Install update from vendor's website.
References
- https://source.android.com/docs/security/bulletin/2023-05-01#2023-05-05-security-patch-level-vulnerability-details
- https://source.android.com/docs/security/bulletin/2023-05-01
- https://android.googlesource.com/kernel/common/+/8103d53f25ec7
- https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c
- https://android.googlesource.com/kernel/common/+/984241bdc04f401c423005a52eb013b00e19358c