Vulnerabilities > Allwinnertech

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2021-38789 Missing Authorization vulnerability in Allwinnertech Android Q SDK 1.0
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings.
network
low complexity
allwinnertech CWE-862
5.0
2022-01-19 CVE-2021-38788 Unspecified vulnerability in Allwinnertech Android Q SDK 1.0
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications.
network
low complexity
allwinnertech
5.0
2022-01-19 CVE-2021-38787 Integer Overflow or Wraparound vulnerability in Allwinnertech Android Q SDK 1.0
There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPAT_ION_IOC_SUNXI_FLUSH_RANGE" to cause a system crash (denial of service).
network
low complexity
allwinnertech CWE-190
7.8
2022-01-19 CVE-2021-38786 NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0
There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash (denial of service).
network
low complexity
allwinnertech CWE-476
5.0
2022-01-18 CVE-2021-38784 NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0
There is a NULL pointer dereference in the syscall open_exec function of Allwinner R818 SoC Android Q SDK V1.0 that could executable a malicious file to cause a system crash.
network
low complexity
allwinnertech CWE-476
7.8
2022-01-18 CVE-2021-38785 NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0
There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash.
network
low complexity
allwinnertech CWE-476
7.8
2022-01-18 CVE-2021-38783 Out-of-bounds Write vulnerability in Allwinnertech Android Q SDK 1.0
There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedar_dev" through iotcl cmd IOCTL_SET_PROC_INFO and IOCTL_COPY_PROC_INFO, which could cause a system crash or EoP.
network
low complexity
allwinnertech CWE-787
7.8
2017-03-27 CVE-2016-10225 Permissions, Privileges, and Access Controls vulnerability in Allwinnertech Linux-3.4-Sunxi
The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug.
local
low complexity
allwinnertech allwinner CWE-264
7.2