wrlu/StrandHogg2 CVE-2020-0121 In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error.User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109 This could lead to local escalation of privilege with no additional execution privileges needed. quarkslab/CVE-2020-0069_poc CVE-2020-0096 In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy.User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754 bluefrostsecurity/CVE-2020-0041 CVE-2020-0069 In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions.User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |