Vulnerabilities > Allwinnertech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2021-38789 | Missing Authorization vulnerability in Allwinnertech Android Q SDK 1.0 Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings. | 5.0 |
| 2022-01-19 | CVE-2021-38788 | Unspecified vulnerability in Allwinnertech Android Q SDK 1.0 The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications. | 5.0 |
| 2022-01-19 | CVE-2021-38787 | Integer Overflow or Wraparound vulnerability in Allwinnertech Android Q SDK 1.0 There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPAT_ION_IOC_SUNXI_FLUSH_RANGE" to cause a system crash (denial of service). | 7.8 |
| 2022-01-19 | CVE-2021-38786 | NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0 There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash (denial of service). | 5.0 |
| 2022-01-18 | CVE-2021-38784 | NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0 There is a NULL pointer dereference in the syscall open_exec function of Allwinner R818 SoC Android Q SDK V1.0 that could executable a malicious file to cause a system crash. | 7.8 |
| 2022-01-18 | CVE-2021-38785 | NULL Pointer Dereference vulnerability in Allwinnertech Android Q SDK 1.0 There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash. | 7.8 |
| 2022-01-18 | CVE-2021-38783 | Out-of-bounds Write vulnerability in Allwinnertech Android Q SDK 1.0 There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedar_dev" through iotcl cmd IOCTL_SET_PROC_INFO and IOCTL_COPY_PROC_INFO, which could cause a system crash or EoP. | 7.8 |
| 2017-03-27 | CVE-2016-10225 | Permissions, Privileges, and Access Controls vulnerability in Allwinnertech Linux-3.4-Sunxi The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug. | 7.2 |