Vulnerabilities > Allwinnertech

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2021-38789 Missing Authorization vulnerability in Allwinnertech Android Q SDK 1.0
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings.
network
low complexity
allwinnertech CWE-862
7.5
7.5
2022-01-19 CVE-2021-38788 Unspecified vulnerability in Allwinnertech Android Q SDK 1.0
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications.
network
low complexity
allwinnertech
7.5
7.5
2022-01-19 CVE-2021-38787 Integer Overflow or Wraparound vulnerability in Allwinnertech Android Q SDK 1.0
There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPAT_ION_IOC_SUNXI_FLUSH_RANGE" to cause a system crash (denial of service).
network
low complexity
allwinnertech CWE-190
7.5
7.5
2022-01-19 CVE-2021-38786 NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0
There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash (denial of service).
network
low complexity
allwinnertech CWE-476
7.5
7.5
2022-01-18 CVE-2021-38784 NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0
There is a NULL pointer dereference in the syscall open_exec function of Allwinner R818 SoC Android Q SDK V1.0 that could executable a malicious file to cause a system crash.
network
low complexity
allwinnertech CWE-476
7.5
7.5
2022-01-18 CVE-2021-38785 NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0
There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash.
network
low complexity
allwinnertech CWE-476
7.5
7.5
2022-01-18 CVE-2021-38783 Out-of-bounds Write vulnerability in Allwinnertech Android Q SDK 1.0
There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedar_dev" through iotcl cmd IOCTL_SET_PROC_INFO and IOCTL_COPY_PROC_INFO, which could cause a system crash or EoP.
network
low complexity
allwinnertech CWE-787
7.5
7.5