Pixel vs. Android security bulletin

This is wrong. Do not let the Pixel in the PSB deceive you, please look at the actual PSB contents like I said.
They are not Pixel specific.

edit: here
For December 2022 PSB, in the framework+system section:

  • CVE-2022-20504 is a bug in screensavers
  • CVE-2022-20524 is a bug in vibrator hal
  • CVE-2022-20553 is a bug with logcat
  • CVE-2022-20554 is a bug with input handling
  • CVE-2022-20513 is a bug with ClearKey DRM
  • CVE-2022-20523 is a bug with incfs
  • CVE-2022-20530 is a misleading user-facing string
  • CVE-2022-20538 is a bug with sms package handling?
  • CVE-2022-20559 is a bug with package permission handling
  • CVE-2022-20543 is a bug with animations
  • CVE-2022-20526 is a bug with GPU debug metrics
  • CVE-2022-20528 is a bug with H265
  • CVE-2022-42544 is a bug with Wi-Fi network listing
  • CVE-2022-20503, CVE-2022-20506, CVE-2022-20508, CVE-2022-20519, CVE-2022-20522, CVE-2022-20533, CVE-2022-20537, CVE-2022-20556 various bugs with guest mode users being able to edit Wi-Fi settings and viewing passwords
  • CVE-2022-20505 is a bug with call log handling
  • CVE-2022-20509, CVE-2022-20557 bugs in FMQ
  • CVE-2022-20520 prevent overlays over the SimToolKit
  • CVE-2022-20525 bug with visual voice mail
  • CVE-2022-20529 bug with wrongly allowing wifi dialog on lock sceren
  • CVE-2022-20536 prevent user apps from sending broadcasts RCS unless permission granted
  • CVE-2022-20539, CVE-2022-20546 bugs in audio hal for audio equalizer?
  • CVE-2022-20540 bug in the window renderer
  • CVE-2022-20544 bug that wrongly re-enables disabled apps when clearing data
  • CVE-2022-20547 bug with Bluetooth permission checks
  • CVE-2022-20549 bug with keymaster data handling
  • CVE-2022-20550 bug that let screensaver invoke arbitrary activity with potentially elevated privileges

I can keep going, they aren’t Pixel specific

1 Like