SB2024020616 - Multiple vulnerabilities in Google Android
Published: February 6, 2024
Description
This security bulletin contains information about 46 security vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2023-43520)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in WLAN HOST. A remote attacker can read and manipulate data.
2) Buffer over-read (CVE-ID: CVE-2023-43536)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
3) Buffer over-read (CVE-ID: CVE-2023-43533)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
4) Reachable Assertion (CVE-ID: CVE-2023-43523)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
5) NULL Pointer Dereference (CVE-ID: CVE-2023-43522)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.
6) Buffer overflow (CVE-ID: CVE-2023-43519)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Video. A remote attacker can read and manipulate data.
7) Untrusted Pointer Dereference (CVE-ID: CVE-2023-43518)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Video. A remote attacker can read and manipulate data.
8) Configuration (CVE-ID: CVE-2023-33076)
The vulnerability allows a local application to read and manipulate data.
The vulnerability exists due to improper input validation in Core. A local application can read and manipulate data.
9) Buffer overflow (CVE-ID: CVE-2023-33072)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Core. A local application can execute arbitrary code.
10) Buffer over-read (CVE-ID: CVE-2023-33060)
The vulnerability allows a local application to crash the entire system.
The vulnerability exists due to improper input validation in Core. A local application can crash the entire system.
11) Buffer over-read (CVE-ID: CVE-2023-33058)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in Modem. A remote attacker can read and manipulate data.
12) Improper input validation (CVE-ID: CVE-2023-33057)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Multi-Mode Call Processor. A remote attacker can perform a denial of service (DoS) attack.
13) Missing release of memory after effective lifetime (CVE-ID: CVE-2023-33049)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Multi-Mode Call Processor. A remote attacker can perform a denial of service (DoS) attack.
14) Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-ID: CVE-2023-33046)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Trusted Execution Environment. A local application can execute arbitrary code.
15) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2023-43534)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in WLAN HOST. A remote attacker can read and manipulate data.
16) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2023-43516)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Video. A local application can execute arbitrary code.
17) Use-after-free (CVE-ID: CVE-2023-5091)
The vulnerability allows a local application to escalate privileges on the device.
The vulnerability exists due to a use-after-free error in Arm kernel. A local application can execute arbitrary code on the system with elevated privileges.
18) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2023-43513)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in PCIe. A local application can execute arbitrary code.
19) Out-of-bounds read (CVE-ID: CVE-2023-49668)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the cp_dump driver in Kernel. A local application can execute arbitrary code.
20) Buffer over-read (CVE-ID: CVE-2023-49667)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the cp dump driver in Kernel. A local application can execute arbitrary code.
21) Improper input validation (CVE-ID: CVE-2024-20003)
The vulnerability allows a local application to cause service disruption.
The vulnerability exists due to improper input validation within Modem NL1. A local application can cause service disruption.
22) Reachable Assertion (CVE-ID: CVE-2023-32843)
The vulnerability allows a local application to cause service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can cause service disruption.
23) Reachable Assertion (CVE-ID: CVE-2023-32842)
The vulnerability allows a local application to cause service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can cause service disruption.
24) Reachable Assertion (CVE-ID: CVE-2023-32841)
The vulnerability allows a local application to cause service disruption.
The vulnerability exists due to improper error handling within 5G Modem. A local application can cause service disruption.
25) Type confusion (CVE-ID: CVE-2024-20010)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to type confusion within keyInstall. A local privileged application can execute arbitrary code.
26) Improper Check or Handling of Exceptional Conditions (CVE-ID: CVE-2024-20009)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to incorrect error handling within the ALAC decoder. A local application can execute arbitrary code.
27) Out-of-bounds write (CVE-ID: CVE-2024-20007)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a race condition within the MP3 decoder. A local application can execute arbitrary code.
28) Out-of-bounds write (CVE-ID: CVE-2024-20006)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within da. A local privileged application can execute arbitrary code.
29) Out-of-bounds write (CVE-ID: CVE-2024-20011)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to an incorrect bounds check within the ALAC decoder. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.
30) Out-of-bounds write (CVE-ID: CVE-2023-5643)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Arm kernel driver. A local application can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
31) Use-after-free (CVE-ID: CVE-2023-5249)
The vulnerability allows a local application to escalate privileges on the device.
32) Information exposure (CVE-ID: CVE-2024-0030)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
33) Information exposure (CVE-ID: CVE-2023-40122)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
34) Improper input validation (CVE-ID: CVE-2024-0041)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
35) Information exposure (CVE-ID: CVE-2024-0037)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
36) Improper input validation (CVE-ID: CVE-2024-0036)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
37) Improper input validation (CVE-ID: CVE-2024-0034)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
38) Improper input validation (CVE-ID: CVE-2024-0032)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
39) Improper input validation (CVE-ID: CVE-2024-0029)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
40) Improper input validation (CVE-ID: CVE-2024-0038)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
41) Improper input validation (CVE-ID: CVE-2024-0033)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
42) Information exposure (CVE-ID: CVE-2024-0040)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
43) Improper input validation (CVE-ID: CVE-2024-0031)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.
44) Information exposure (CVE-ID: CVE-2023-40093)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
45) Improper input validation (CVE-ID: CVE-2024-0014)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
46) Improper input validation (CVE-ID: CVE-2024-0035)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
Remediation
Install update from vendor's website.
References
- https://source.android.com/docs/security/bulletin/2024-02-01
- https://android.googlesource.com/platform/packages/modules/Bluetooth/+/57b823f4f758e2ef530909da07552b5aa80c6a7d
- https://android.googlesource.com/platform/frameworks/base/+/55fc00a0788ea0995fe0851616b9ac21710a2931
- https://android.googlesource.com/platform/frameworks/base/+/d6f7188773409c8f5ad5fc7d3eea5b1751439e26
- https://android.googlesource.com/platform/frameworks/base/+/3eaaa9687e90c65f51762deb343f18bef95d4e8e
- https://android.googlesource.com/platform/frameworks/base/+/653f7b0d234693309dc86161af01831b64033fe6
- https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/5acd646e0cf63e2c9c0862da7e03531ef0074394
- https://android.googlesource.com/platform/frameworks/base/+/4af5db76f25348849252e0b8a08f4a517ef842b7
- https://android.googlesource.com/platform/frameworks/base/+/9b10fd9718f4e6f6843adbfc14e46a93aab93aad
- https://android.googlesource.com/platform/frameworks/base/+/3e88d987235f5a2acd50a9b6bad78dbbf39cb079
- https://android.googlesource.com/platform/frameworks/native/+/aa98edf0ce9dde4886979658a459900ca987f193
- https://android.googlesource.com/platform/system/core/+/46d46dc46446f14f26fbe8fb102dd36c1dfc1229
- https://android.googlesource.com/platform/frameworks/av/+/2ca6c27dc0336fd98f47cfb96dc514efa98e8864
- https://android.googlesource.com/platform/packages/modules/Bluetooth/+/de53890aaca2ae08b3ee2d6e3fd25f702fdfa661
- https://android.googlesource.com/platform/external/pdfium/+/03925281cf25fec70318bf2225356d022b12b566
- https://android.googlesource.com/platform/cts/+/a952c93009cc81c41a086d73a4030a83b7683a04
- https://android.googlesource.com/platform/frameworks/base/+/7b7fff1eb5014d12200a32ff9047da396c7ab6a4