In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242459126
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2022-12-01 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: google_android
Published: 2022-12-13T00:00:00
Updated: 2022-12-13T00:00:00
Reserved: 2021-10-14T00:00:00
Link: CVE-2022-20483
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-13T16:15:16.480
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-20483
JSON object: View
Redhat Information
No data.
CWE