SB2022100342 - Multiple vulnerabilities in Google Pixel
Published: October 3, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 9 vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2022-20231)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Trusty component. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
2) Buffer overflow (CVE-ID: CVE-2022-20364)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the kernel component. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
3) Integer overflow (CVE-ID: CVE-2022-22078)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow within the BOOT subsystem. An attacker with physical access to the affected device can trigger an integer overflow and perform a denial of service (DoS) attack.
4) Information disclosure (CVE-ID: CVE-2022-25664)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to an error within the Graphics component while GPU reads the data. A local application can gain access to sensitive information.
5) Use-after-free (CVE-ID: CVE-2022-25666)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the DSP Service while trying to access maps by different threads. A local application can trigger a use-after-free error and execute arbitrary code with elevated privileges.
6) Untrusted Pointer Dereference (CVE-ID: CVE-2022-25662)
CWE-ID: CWE-822 - Untrusted Pointer Dereference
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to untrusted pointer dereference when processing multimedia files in Video component. A remote attacker can trick the victim to open a specially crafted file, trigger an untrusted pointer dereference and gain access to sensitive information.
7) Out-of-bounds read (CVE-ID: CVE-2022-25665)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the kernel component. A local application can trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
8) Information disclosure (CVE-ID: CVE-2022-20464)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to an error within Audio processor in Pixel kernel. A local application can gain unauthorized access to sensitive information on the system.
9) Buffer overflow (CVE-ID: CVE-2022-20397)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the libsitril-se component in Google Pixel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
Remediation
Install update from vendor's website.