Version SMR Apr-2024 Release in Android 12, 13, 14

CVE-2024-20849

Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code.

HIGH CVSS 7.3 Published Apr 02, 2024

CVE-2024-20848

Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.

MEDIUM CVSS 5.1 Published Apr 02, 2024

CVE-2024-20847

Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.

MEDIUM CVSS 4.0 Published Apr 02, 2024

CVE-2024-20843

Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.

MEDIUM CVSS 5.6 Published Apr 02, 2024

CVE-2024-20842

Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

MEDIUM CVSS 4.2 Published Apr 02, 2024