References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

CVE-2023-35658 Detail Description In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional…

CVE-2023-35664 Detail Description In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no…

CVE-2023-35665 Detail Description In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation…

CVE-2023-35666 Detail Description In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege…

CVE-2023-35667 Detail Description In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could…

CVE-2023-35669 Detail Description In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with…

CVE-2023-35670 Detail Description In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps’ external private directories due to a path traversal error. This could lead…

CVE-2023-35671 Detail Description In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device…

CVE-2023-35673 Detail Description In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no…