{"vulnerability": "CVE-2022-3818", "sightings": [{"uuid": "6f1451a7-4dd3-43ca-9a0c-e6e319af6cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "0e8e67d7-811b-4a97-961f-78ca1a5107c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971784", "content": "", "creation_timestamp": "2024-12-24T20:34:01.266739Z"}, {"uuid": "40018d28-f871-4f1d-86ce-478768b52bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:38.000000Z"}, {"uuid": "aa17c0f3-3777-4446-8cd3-29141f0121b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-38181", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1cad130a-cd54-49c2-8a8d-cf5c0b7a6398", "content": "", "creation_timestamp": "2026-02-02T12:27:03.021541Z"}, {"uuid": "76935039-bff4-42f3-af02-7744db8b28ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "published-proof-of-concept", "source": "Telegram/ddXtalayEc9Xq7_j2bkcE9pfDSSyywLvoptnUGWHZuVd6Vc", "content": "", "creation_timestamp": "2023-01-23T16:49:11.000000Z"}, {"uuid": "fe10ac04-156a-4c3d-bc0e-701fe1282749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "published-proof-of-concept", "source": "Telegram/c3YgkQFVjisKTpSSMYt2NYQ6rzoTm7SKIgyk7FbHceh0nLM", "content": "", "creation_timestamp": "2023-03-07T17:19:30.000000Z"}, {"uuid": "90c14404-b9e4-4318-b1e1-41fbb5bb2e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "seen", "source": "https://t.me/arpsyndicate/1105", "content": "#ExploitObserverAlert\n\nCVE-2022-38181\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-38181. The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.\n\nFIRST-EPSS: 0.206330000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T03:39:59.000000Z"}, {"uuid": "b04aa1ac-b3e7-499f-93c1-8e7f5b1d5ed1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "seen", "source": "https://t.me/true_secator/4237", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0442\u0435\u043a\u0442\u043e\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f\u043c\u0438 \u043d\u0430 \u0440\u044b\u043d\u043a\u0435 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e.\n\n\u041d\u0430 \u0434\u043d\u044f\u0445, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043d\u0430\u0448\u0438 \u043a\u043e\u043b\u043b\u0435\u0433\u0438, \u043f\u0440\u0435\u0437\u0438\u0434\u0435\u043d\u0442 \u0421\u0428\u0410 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043b \u0443\u043a\u0430\u0437, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f spyware. \u0418 \u0440\u0435\u0447\u044c \u0432\u043e\u0432\u0441\u0435 \u043d\u0435 \u0438\u0434\u0435\u0442 \u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u0441\u0442\u043e\u0440\u0438\u0438.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0440\u0435\u0433\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432 \u0441\u0438\u043b\u0443 \u044d\u043a\u0441\u0442\u0435\u0440\u0440\u0438\u0442\u043e\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u044e\u0440\u0438\u0441\u0434\u0438\u043a\u0446\u0438\u0439 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0445 \u0437\u0430\u043a\u043e\u043d\u043e\u0432 \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0430 \u0432\u0441\u0435\u0445 \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u043e\u0432 \u043e\u0442\u0440\u0430\u0441\u043b\u0438. \n\n\u0427\u0442\u043e \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0411\u0435\u043b\u044b\u0439 \u0434\u043e\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b, \u0437\u0430\u044f\u0432\u0438\u0432 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0443\u043a\u0430\u0437 \u043f\u043e\u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0434\u043b\u044f \u043c\u0435\u0436\u0434\u0443\u043d\u0430\u0440\u043e\u0434\u043d\u043e\u0433\u043e \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0441\u0442\u0438\u043c\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0440\u0435\u0444\u043e\u0440\u043c\u044b \u043e\u0442\u0440\u0430\u0441\u043b\u0438.\n\n\u0414\u0430\u0431\u044b \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u0434\u0435\u0434\u0443\u043b\u044e \u0438 \u043e\u0431\u0449\u0443\u044e \u043f\u0440\u043e\u0434\u0432\u0438\u0433\u0430\u0435\u043c\u0443\u044e \u0437\u0430\u043f\u0430\u0434\u043d\u044b\u043c \u0440\u0430\u0437\u0432\u0435\u0434\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e\u043c \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u044e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google TAG \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e spyware, \u0441\u0432\u044f\u0437\u0430\u0432 \u043b\u044c\u0432\u0438\u043d\u0443\u044e \u0434\u043e\u043b\u044e 0-day \u0437\u0430 2022 \u0433\u043e\u0434 \u0434\u043b\u044f iOS \u0438 Android \u0441 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0434\u0432\u0443\u0445 \u0440\u0430\u0437\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u0445.\n\n\u0412 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0434\u0432\u0443\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u0430\u0442\u0430\u043a\u0430 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0441 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u0441\u044b\u043b\u043a\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0447\u0435\u0440\u0435\u0437 SMS.\u00a0\u041f\u0440\u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0435 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435 \u0436\u0435\u0440\u0442\u0432\u0430 \u043f\u043e\u043f\u0430\u0434\u0430\u043b\u0430 \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f Android \u0438\u043b\u0438 iOS.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 iOS \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 CVE-2022-42856, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c WebKit, \u043a\u043e\u0442\u043e\u0440\u0443\u044e\u00a0Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 iPhone\u00a0\u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430.\u00a0\u0410\u0442\u0430\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0438 \u043c\u0435\u0442\u043e\u0434 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f (PAC) \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2021-30900 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), \u043a\u043e\u0442\u043e\u0440\u0443\u044e Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 iOS \u0432 2021 \u0433\u043e\u0434\u0443.\u00a0\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 Android \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430\u00a0CVE-2022-3723\u00a0\u2014 0-day \u0434\u043b\u044f Chrome, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e Google \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435  \u043d\u0430\u00a0CVE-2022-4135, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b Chrome GPU, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043b\u0438\u044f\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Android).\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 Android \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u00a0CVE-2022-38181, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u044f\u0434\u0440\u0430. \u041f\u0430\u0442\u0447 \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d Arm \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2022 \u0433\u043e\u0434\u0430, \u043d\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Pixel \u043e\u043d \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2023 \u0433\u043e\u0434\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Pixel, Samsung, Xiaomi, Oppo \u0438 \u0434\u0440\u0443\u0433\u0438\u0435, \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u043b\u0438 \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043c\u0435\u0441\u044f\u0446\u0435\u0432.\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0418\u0442\u0430\u043b\u0438\u0438, \u041c\u0430\u043b\u0430\u0439\u0437\u0438\u0438 \u0438 \u041a\u0430\u0437\u0430\u0445\u0441\u0442\u0430\u043d\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u041f\u041e \u043e\u0442 RCS Lab \u0438 Cytrox.\n\n\u0412\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0446\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043d\u0430 \u043d\u0430 \u0431\u0440\u0430\u0443\u0437\u0435\u0440 Samsung, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 0 \u0438 n-day. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438\u0441\u044c \u0432 \u0432\u0438\u0434\u0435 \u0441\u0441\u044b\u043b\u043e\u043a \u0447\u0435\u0440\u0435\u0437 SMS.\n\n\u0410\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u041e\u0410\u042d \u0441 \u0446\u0435\u043b\u044c\u044e \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e \u0434\u043b\u044f Android. Google \u0441\u0447\u0438\u0442\u0430\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0438\u0441\u043f\u0430\u043d\u0441\u043a\u043e\u0439 Variston.\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432\u043a\u043b\u044e\u0447\u0430\u043b CVE-2022-4262 (0-day \u0432 Chrome), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e Google \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u0438 CVE-2022-3038 (\u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b Chrome).\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 CVE-2022-22706 (\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u044f\u0434\u0440\u0430 Mali), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e Arm \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2022 \u0433\u043e\u0434\u0430, \u0438 CVE-2023-0266 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0432\u0443\u043a\u043e\u0432\u043e\u0439 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 Linux).\u00a0\u041e\u0431\u0435 \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0417\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0430\u0442\u0430\u043a \u0440\u0435\u0441\u043f\u0435\u043a\u0442, \u043d\u043e \u0447\u0442\u043e-\u0442\u043e \u043d\u0438\u043a\u0430\u043a \u0432 \u043e\u0442\u0447\u0435\u0442\u0430\u0445 \u043d\u0435 \u0432\u0438\u0434\u0438\u043c \u043d\u0438\u0447\u0435\u0433\u043e \u043f\u0440\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 spyware.", "creation_timestamp": "2023-03-30T18:17:31.000000Z"}, {"uuid": "3e7b8d55-96bf-4812-aecb-146b21673f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3985", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a RCE \u0432 \u044f\u0434\u0440\u0435 \u0438 \u0440\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pixel 6 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-38181 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,8 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Arm Mali\u00a0\u0434\u043e r40p0 (\u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 7 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2022 \u0433.).\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043a\u0430\u043a \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c GitHub Security Lab \u041c\u0430\u043d \u042e\u044d \u041c\u043e, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0441\u043e\u0431\u044b\u043c \u0442\u0438\u043f\u043e\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430: JIT-\u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0438  \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0446\u0435\u043f\u043e\u0447\u0435\u043a \u0437\u0430\u0434\u0430\u043d\u0438\u0439 \u043d\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f CVE-2022-38181 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u043b\u0430\u0441\u0442\u0438 JIT-\u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u0432\u044b\u0442\u0435\u0441\u043d\u0435\u043d\u0438\u044f, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u0435\u0445\u0432\u0430\u0442\u043a\u0443 \u043f\u0430\u043c\u044f\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0432\u044b\u0442\u0435\u0441\u043d\u0435\u043d\u0438\u0435, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043e\u0431\u043b\u0430\u0441\u0442\u044c JIT \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0430\u0435\u0442\u0441\u044f \u0431\u0435\u0437 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b, \u0447\u0442\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u0443\u044e \u043e\u0431\u043b\u0430\u0441\u0442\u044c JIT \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0438\u0446, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043a\u043e\u0434 \u044f\u0434\u0440\u0430 \u0441 \u0430\u0434\u0440\u0435\u0441\u043d\u044b\u043c \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u043e\u043c \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u044f\u0434\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430\u0448\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f SELinux.\n\n\u041c\u0430\u043d \u042e\u044d \u041c\u043e \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Android \u0432 \u0438\u044e\u043b\u0435 2022 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 PoC. \u041f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043e\u0442\u043c\u0435\u0447\u0435\u043d \u043a\u0430\u043a \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u0437\u0430\u0442\u0435\u043c \u043e\u0442\u0447\u0435\u0442 \u0431\u044b\u043b \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u043a\u043e\u043c\u0430\u043d\u0434\u0435 Arm.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043f\u043e\u0441\u043b\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 Arm \u0432 2022 \u0433\u043e\u0434\u0443 Google \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pixel \u043e\u0442 \u044f\u043d\u0432\u0430\u0440\u044f 2023 \u0433\u043e\u0434\u0430, \u043d\u043e \u0431\u0435\u0437 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 CVE \u0438\u043b\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435.", "creation_timestamp": "2023-01-25T16:50:07.000000Z"}, {"uuid": "693b06f9-95cb-4474-a3ea-7eef1cbbebcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2435", "content": "#exploit\n1. CVE-2022-38181:\nVulnerability in the Arm Mali GPU\nhttps://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug\n\n2. CVE-2023-0210:\nLinux Kernel Unauthenticated Remote Heap Overflow Within KSMBD\nhttps://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow", "creation_timestamp": "2023-01-26T14:57:42.000000Z"}, {"uuid": "3891910d-36f5-4783-a105-775571c81271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "seen", "source": "https://t.me/cibsecurity/52068", "content": "\u203c CVE-2022-38181 \u203c\n\nAn Arm product family through 2022-08-12 mail GPU kernel driver allows non-privileged users to make improper GPU processing operations to gain access to already freed memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T22:26:53.000000Z"}, {"uuid": "36bbcb63-0f19-41c4-9286-2f063053af53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3818", "type": "seen", "source": "https://t.me/cibsecurity/52797", "content": "\u203c CVE-2022-3818 \u203c\n\nAn uncontrolled resource consumption issue when parsing URLs in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to cause performance issues and potentially a denial of service on the GitLab instance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T02:41:24.000000Z"}, {"uuid": "3a4c332f-d522-4e74-acb6-8a6aa7f45412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38183", "type": "seen", "source": "https://t.me/cibsecurity/48106", "content": "\u203c CVE-2022-38183 \u203c\n\nIn Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea (there was no permission check for fetching the issue). As a result, the attacker would get access to private issue titles.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-13T00:33:40.000000Z"}, {"uuid": "fb34137f-5c48-498c-b8af-924e253f13a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38184", "type": "seen", "source": "https://t.me/cibsecurity/48240", "content": "\u203c CVE-2022-38184 \u203c\n\nThere is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below which could allow a remote, unauthenticated attacker to access an API that may induce Esri Portal for ArcGIS to read arbitrary URLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T22:39:25.000000Z"}, {"uuid": "2d868425-ef5b-4735-b2af-5c6b694e0acd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38189", "type": "seen", "source": "https://t.me/cibsecurity/48237", "content": "\u203c CVE-2022-38189 \u203c\n\nA stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user\u00e2\u20ac\u2122s browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T22:39:21.000000Z"}, {"uuid": "aa74c72c-046b-41e4-86cd-473e5922dcb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38188", "type": "seen", "source": "https://t.me/cibsecurity/48180", "content": "\u203c CVE-2022-38188 \u203c\n\nThere is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2s browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T00:38:17.000000Z"}, {"uuid": "f8b9d7ad-00fa-419a-82da-4cec6281d3b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38187", "type": "seen", "source": "https://t.me/cibsecurity/48176", "content": "\u203c CVE-2022-38187 \u203c\n\nPrior to version 10.9.0, the sharing/rest/content/features/analyze endpoint is always accessible to anonymous users, which could allow an unauthenticated attacker to induce Esri Portal for ArcGIS to read arbitrary URLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T00:38:10.000000Z"}, {"uuid": "a37e9bba-ed3c-4582-8a3f-123939965b03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38180", "type": "seen", "source": "https://t.me/cibsecurity/48012", "content": "\u203c CVE-2022-38180 \u203c\n\nIn JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T14:33:16.000000Z"}, {"uuid": "6cbc81ce-17c5-4316-85c2-4e276225d297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "exploited", "source": "https://t.me/androidMalware/1760", "content": "Pwning the all Google phone with a non-Google bug (CVE-2022-38181)\nhttps://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/", "creation_timestamp": "2023-02-16T07:59:33.000000Z"}, {"uuid": "f095495d-45d2-4312-b39e-c7b9ff1dae03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38181", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7624", "content": "#exploit\n1. CVE-2022-38181:\nVulnerability in the Arm Mali GPU\nhttps://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug\n\n2. CVE-2023-0210:\nLinux Kernel Unauthenticated Remote Heap Overflow Within KSMBD\nhttps://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow", "creation_timestamp": "2023-01-26T11:01:01.000000Z"}]}