{"vulnerability": "CVE-2022-3910", "sightings": [{"uuid": "6b299ad3-9e12-47a8-a735-90024b41c883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39109", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16507", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39109\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.\n\ud83d\udccf Published: 2022-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T14:29:16.648Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", "creation_timestamp": "2025-05-15T14:35:05.000000Z"}, {"uuid": "9acb5762-10a4-4cda-9a88-c09884490044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39107", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16504", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39107\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.\n\ud83d\udccf Published: 2022-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T14:30:09.515Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", "creation_timestamp": "2025-05-15T14:35:02.000000Z"}, {"uuid": "1bc3b954-31f6-42cd-8f2f-e474a8e68fee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39108", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16505", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39108\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.\n\ud83d\udccf Published: 2022-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T14:29:42.391Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", "creation_timestamp": "2025-05-15T14:35:03.000000Z"}, {"uuid": "63a51a29-f4fd-4102-8987-cbe4c5c72074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3910", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/53342", "content": "\u203c CVE-2022-3910 \u203c\n\nUse After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T16:13:20.000000Z"}, {"uuid": "da9edb56-d9f2-401b-b415-ca205f74b8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39104", "type": "seen", "source": "https://t.me/cibsecurity/55850", "content": "\u203c CVE-2022-39104 \u203c\n\nIn contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T12:17:56.000000Z"}, {"uuid": "6e350dfb-6959-4300-8eca-1af3403e427c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39102", "type": "seen", "source": "https://t.me/cibsecurity/54051", "content": "\u203c CVE-2022-39102 \u203c\n\nIn power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T12:51:53.000000Z"}, {"uuid": "455f73e7-cd0b-4e97-993c-0cfbc90b103b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39105", "type": "seen", "source": "https://t.me/cibsecurity/51493", "content": "\u203c CVE-2022-39105 \u203c\n\nIn sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T22:29:17.000000Z"}]}