Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation yocto 4.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-20849
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.
Linuxfoundation Yocto 4.0
Mediatek Iot Yocto 23.0
Google Android 11.0
Google Android 12.0
Linux Linux Kernel 6.1
6.5
CVSSv3
CVE-2023-20850
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
Linuxfoundation Yocto 4.0
Mediatek Iot Yocto 23.0
Google Android 11.0
Google Android 12.0
Linux Linux Kernel 6.1
6.5
CVSSv3
CVE-2023-20803
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374.
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.5
CVSSv3
CVE-2023-20800
In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955.
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.5
CVSSv3
CVE-2023-20802
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976.
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.4
CVSSv3
CVE-2023-20835
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.
Linuxfoundation Yocto 4.0
Mediatek Iot Yocto 23.0
Google Android 12.0
Google Android 13.0
6.4
CVSSv3
CVE-2023-20801
In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968.
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.4
CVSSv3
CVE-2023-20736
In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189.
Linuxfoundation Iot-yocto 22.2
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
4.4
CVSSv3
CVE-2023-32810
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.
Linuxfoundation Yocto 3.1
Linuxfoundation Yocto 3.3
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
Linux Linux Kernel 4.19
4.4
CVSSv3
CVE-2023-32807
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
Linuxfoundation Yocto 4.0
Mediatek Iot Yocto 23.0
Google Android 13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »