4.1

CVE-2022-48451

In bluetooth service, there is a possible out of bounds write due to race condition.  This could lead to local denial of service with System execution privileges needed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version10.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT760 Version-
   UnisocT770 Version-
   UnisocT820 Version-
GoogleAndroid Version11.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT760 Version-
   UnisocT770 Version-
   UnisocT820 Version-
GoogleAndroid Version12.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT760 Version-
   UnisocT770 Version-
   UnisocT820 Version-
GoogleAndroid Version13.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT760 Version-
   UnisocT770 Version-
   UnisocT820 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.005
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.1 0.5 3.6
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.