CVE Vulnerabilities

CVE-2022-20499

Published: Mar 24, 2023 | Modified: Nov 21, 2024
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-246539931

Affected Software

Name Vendor Start Version End Version
Android Google 12.0 (including) 12.0 (including)
Android Google 12.1 (including) 12.1 (including)
Android Google 13.0 (including) 13.0 (including)
Android-platform-frameworks-base Ubuntu bionic *
Android-platform-frameworks-base Ubuntu devel *
Android-platform-frameworks-base Ubuntu esm-apps/bionic *
Android-platform-frameworks-base Ubuntu esm-apps/focal *
Android-platform-frameworks-base Ubuntu esm-apps/jammy *
Android-platform-frameworks-base Ubuntu esm-apps/noble *
Android-platform-frameworks-base Ubuntu esm-apps/xenial *
Android-platform-frameworks-base Ubuntu focal *
Android-platform-frameworks-base Ubuntu jammy *
Android-platform-frameworks-base Ubuntu kinetic *
Android-platform-frameworks-base Ubuntu lunar *
Android-platform-frameworks-base Ubuntu mantic *
Android-platform-frameworks-base Ubuntu noble *
Android-platform-frameworks-base Ubuntu oracular *
Android-platform-frameworks-base Ubuntu trusty *
Android-platform-frameworks-base Ubuntu xenial *

References