Version SMR Mar-2024 Release in Android 11, 12, 13, 14

CVE-2024-20833

Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.

MEDIUM CVSS 4.1 Published Mar 05, 2024

CVE-2024-20836

Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.

LOW CVSS 3.3 Published Mar 05, 2024

CVE-2024-20835

Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.

MEDIUM CVSS 4.0 Published Mar 05, 2024

CVE-2024-20834

The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.

LOW CVSS 3.3 Published Mar 05, 2024

CVE-2024-20830

Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.

MEDIUM CVSS 5.3 Published Mar 05, 2024