CVE-2023-48420
- EPSS 0.07%
- Veröffentlicht 08.12.2023 16:15:18
- Zuletzt bearbeitet 21.11.2024 08:31:40
there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-48421
- EPSS 0.11%
- Veröffentlicht 08.12.2023 16:15:18
- Zuletzt bearbeitet 27.05.2025 16:15:29
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with ...
CVE-2023-48422
- EPSS 0.1%
- Veröffentlicht 08.12.2023 16:15:18
- Zuletzt bearbeitet 21.11.2024 08:31:41
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-48423
- EPSS 0.48%
- Veröffentlicht 08.12.2023 16:15:18
- Zuletzt bearbeitet 21.11.2024 08:31:41
In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-48403
- EPSS 0.41%
- Veröffentlicht 08.12.2023 16:15:17
- Zuletzt bearbeitet 21.11.2024 08:31:38
In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional wit...
CVE-2023-48404
- EPSS 0.41%
- Veröffentlicht 08.12.2023 16:15:17
- Zuletzt bearbeitet 21.11.2024 08:31:38
In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User inte...
CVE-2023-48405
- EPSS 0.11%
- Veröffentlicht 08.12.2023 16:15:17
- Zuletzt bearbeitet 21.11.2024 08:31:39
there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-48406
- EPSS 0.11%
- Veröffentlicht 08.12.2023 16:15:17
- Zuletzt bearbeitet 21.11.2024 08:31:39
there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita...
CVE-2023-48407
- EPSS 0.11%
- Veröffentlicht 08.12.2023 16:15:17
- Zuletzt bearbeitet 21.11.2024 08:31:39
there is a possible DCK won't be deleted after factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-48408
- EPSS 0.1%
- Veröffentlicht 08.12.2023 16:15:17
- Zuletzt bearbeitet 21.11.2024 08:31:39
In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not ne...