{"vulnerability": "CVE-2022-2058", "sightings": [{"uuid": "9721cb2c-6ec0-4741-af87-4617dfaf5c69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20582", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12450", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20582\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233645166References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:54:08.511Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:58:56.000000Z"}, {"uuid": "75f8f9d7-f1d8-47b6-b729-e473398f436e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20580", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12445", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20580\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243629453References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:56:42.410Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:58:48.000000Z"}, {"uuid": "d0f14632-32d1-4291-a808-2f4b990b6361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20583", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12451", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20583\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234859169References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:53:38.906Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:58:57.000000Z"}, {"uuid": "e22264af-381c-4e0e-a23c-7617994f31e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20581", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12449", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20581\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245916120References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:54:42.594Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:58:52.000000Z"}, {"uuid": "ecf2b8b4-29e5-4fa9-a4d5-6f33bd1f2496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20587", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12457", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20587\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238720411References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:51:11.440Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:59:05.000000Z"}, {"uuid": "df13ac65-e824-445a-8ada-9257db96d9c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20586", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12456", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20586\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238718854References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:51:50.927Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:59:04.000000Z"}, {"uuid": "c2191bfc-982c-4901-8d26-5eed6b7ebe65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20588", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12459", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20588\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238785915References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:50:18.075Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:59:07.000000Z"}, {"uuid": "c49be135-5cc3-4a71-8a27-7c20179785b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20586", "type": "seen", "source": "https://t.me/cibsecurity/54685", "content": "\u203c CVE-2022-20586 \u203c\n\nIn valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238718854References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:24:47.000000Z"}, {"uuid": "31f7c1fd-f115-4b5c-a860-384223a71e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20585", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12454", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20585\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238716781References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:52:23.365Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:58:59.000000Z"}, {"uuid": "73f55ddd-7e09-444b-aeb5-0e98784e270a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20584", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12453", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20584\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:52:54.917Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:58:58.000000Z"}, {"uuid": "79c20e75-dc80-4dc9-9a47-10513ea9ee3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20589", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12461", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20589\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238841928References: N/A\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T14:49:28.401Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T14:59:11.000000Z"}, {"uuid": "38947540-4a37-4f1b-8639-f2a83b4fd28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20582", "type": "seen", "source": "https://t.me/cibsecurity/54714", "content": "\u203c CVE-2022-20582 \u203c\n\nIn ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233645166References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:34:29.000000Z"}, {"uuid": "641815ef-13b2-4f85-aa28-1432b0a7fa78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20581", "type": "seen", "source": "https://t.me/cibsecurity/54743", "content": "\u203c CVE-2022-20581 \u203c\n\nIn the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245916120References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:37:44.000000Z"}, {"uuid": "a66fe58c-0924-4b0b-a672-542a6e39d267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20589", "type": "seen", "source": "https://t.me/cibsecurity/54698", "content": "\u203c CVE-2022-20589 \u203c\n\nIn valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238841928References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:30:42.000000Z"}, {"uuid": "6d85b038-4b26-4eeb-9977-b0ff3ab4ac50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20580", "type": "seen", "source": "https://t.me/cibsecurity/54704", "content": "\u203c CVE-2022-20580 \u203c\n\nIn ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243629453References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:30:48.000000Z"}, {"uuid": "3fe632f2-b7b3-411c-aa2a-3c53e6b1dd48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20584", "type": "seen", "source": "https://t.me/cibsecurity/54689", "content": "\u203c CVE-2022-20584 \u203c\n\nIn page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:24:51.000000Z"}, {"uuid": "748a4209-dfdc-4417-8d61-c6ab03ecbcac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2058", "type": "seen", "source": "https://t.me/cibsecurity/45421", "content": "\u203c CVE-2022-2058 \u203c\n\nDivide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-30T20:38:49.000000Z"}]}