Android Security Acknowledgements

Stay organized with collections Save and categorize content based on your preferences.

The Android Security Team would like to thank the following people and parties for helping to improve Android security. They have done this either by finding and responsibly reporting security vulnerabilities through the AOSP bug tracker Security bug report template or by committing code that has a positive impact on Android security, including code that qualifies for the Patch Rewards program.

2023

Note: Starting in 2018 and continuing in 2023, the security acknowledgements are listed by month. In prior years, acknowledgements were listed together.

February

Researchers CVEs
Bob Zamani of Google CVE-2023-20942
C_C CVE-2022-20455, CVE-2023-20943
Dmitry Myachin CVE-2022-20551
Gengjia Chen ( @chengjia4574 ) from IceSword Lab CVE-2022-47331
Hongguang Chen and Devin Moore of Google CVE-2023-20940
Isaac Manjarres of Google CVE-2023-20949
Jann Horn of Google Project Zero CVE-2023-20937
Le Wu of Baidu Security CVE-2022-33225
Lewei Qu(曲乐炜) CVE-2022-47339
Linus Tufvesson of Google CVE-2022-20443
Mayank Garg of Google CVE-2023-20927
Michał Bednarski (michalbednarski) CVE-2023-20944
Mohammed Anwarullah of Google CVE-2023-20939
Pengfei Ding (丁鹏飞) CVE-2022-25711
Peter Park CVE-2022-33233
Peter Park (peterpark) CVE-2022-33248
Sergej Salnikov of Google CVE-2023-20934
Shufan Yang(杨书范) of Baidu AIoT Security Team CVE-2023-20602
Sithi CVE-2023-20932
Zi Fan Tan of Google CVE-2023-20938
Zinuo Han (https://twitter.com/ele7enxxh) of OPPO Amber Security Lab CVE-2023-20945, CVE-2023-20948

January

Researchers CVEs
C_C CVE-2022-20456, CVE-2022-20489, CVE-2022-20490, CVE-2022-20492, CVE-2022-20493, CVE-2023-20922
Gengjia Chen ( @chengjia4574 ) from IceSword Lab CVE-2022-22079, CVE-2022-44425, CVE-2022-44426
Jann Horn of Google Project Zero CVE-2023-20928
Karan Lalwani CVE-2023-20921
Le Wu of Baidu Security CVE-2022-25722
Lewei Qu(曲乐炜) CVE-2022-44434, CVE-2022-44435, CVE-2022-44436, CVE-2022-44437, CVE-2022-44438
Michał Bednarski (michalbednarski) CVE-2023-20904
Mitch Phillips using HWASan CVE-2023-20920
Mohammed Anwarullah of Google CVE-2023-20925
Muhammad Hasan Khan of Google CVE-2023-20919
nicolas (nicolas1993) CVE-2022-25715, CVE-2022-25717, CVE-2022-25721
Sithi CVE-2022-20494, CVE-2023-20912, CVE-2023-20913, CVE-2023-20915
wrlu CVE-2023-20923
Xianfeng Lu(卢先锋) and Lei Ai(艾磊) of OPPO Amber Security Lab CVE-2023-20905
Xie Yifei CVE-2022-44427, CVE-2022-44428, CVE-2022-44429, CVE-2022-44430, CVE-2022-44431, CVE-2022-44432
Xingyu Jin of Google CVE-2022-20235
Yu-Cheng Lin (林禹成) (@AndroBugs) CVE-2022-20213, CVE-2022-20214, CVE-2022-20215, CVE-2022-20458
Zhongquan Li @ ADLab of VenusTech CVE-2022-32637
Zinuo Han(https://twitter.com/ele7enxxh) of OPPO Amber Security Lab CVE-2022-20461, CVE-2022-32635, CVE-2022-33255

Additional Contributions

We would also like to acknowledge the contributions of the following individuals to Android security:

2022

Note: Starting in 2018 and continuing in 2022, the security acknowledgements are listed by month. In prior years, acknowledgements were listed together.

December

Researchers CVEs
Aman Pandey of bugsmirror CVE-2022-20510, CVE-2022-20511, CVE-2022-20525, CVE-2022-20535, CVE-2022-20538
Andrey Artemiev of Google CVE-2022-20581, CVE-2022-20600
Ben CVE-2022-20543
Bo Zhang (张波) of Bytedance Wuheng Lab CVE-2021-39795
David McGregor, UL CVE-2022-20199
Dimitrios Valsamarasof Microsoft CVE-2021-39617
Edward Cunningham of Google CVE-2022-20475, CVE-2022-20512
Florian Mayer of Google CVE-2022-20523
Gengjia Chen ( @chengjia4574 ) from IceSword Lab CVE-2022-39106, CVE-2022-39129, CVE-2022-39130, CVE-2022-39131, CVE-2022-39132, CVE-2022-39133, CVE-2022-39134, CVE-2022-42755, CVE-2022-42756, CVE-2022-42770, CVE-2022-42771, CVE-2022-42772
Hongli Han(@hexb1n) and Guang Gong(@oldfresher) of 360 Alpha Lab CVE-2022-20514, CVE-2022-20540
Jeong Wook Oh of Google CVE-2022-20582, CVE-2022-20583, CVE-2022-20584, CVE-2022-20585, CVE-2022-20586, CVE-2022-20587, CVE-2022-20588, CVE-2022-20589, CVE-2022-20590, CVE-2022-20591, CVE-2022-20592, CVE-2022-20597, CVE-2022-20598, CVE-2022-20599, CVE-2022-42531, CVE-2022-42532, CVE-2022-42534
Keith Mok of Google CVE-2022-20483
Kevin Kou of Google CVE-2022-20477
Lewei Qu(曲乐炜) of Baidu AIoT Security Team CVE-2022-42754
Lucian of OPPO Amber Security Lab CVE-2022-20559
Manjeet Rulhania of Google CVE-2022-20495
Matheus Eduardo Garbelini CVE-2021-30348
Michał Bednarski (michalbednarski) CVE-2022-20474
Mike McTernan of Google CVE-2022-42543
Mitch Phillips using HWASan CVE-2022-20561
Mohammed Anwarullah of Google CVE-2022-20548
Peter Park (peterpark) CVE-2022-25682, CVE-2022-25695
Phil Burk of Google CVE-2022-20562
Pratheesh P Narayanan CVE-2022-20124
RA Position at CactiLab (https://cactilab.github.io/) of University at Buffalo CVE-2022-20520
Robert Tseng CVE-2022-20544
Seonung Jang(@IFdLRx4At1WFm74) of STEALIEN CVE-2022-25677
Sergei Volokitin CVE-2022-32594, CVE-2022-32596, CVE-2022-32597, CVE-2022-32598
SHIHAB P M CVE-2022-20611
Sithi CVE-2022-20501
stardesty of HSSL CVE-2022-20411, CVE-2022-20469
Steve Thomas (@Sc00bzT) CVE-2022-20497
su4do4 CVE-2022-20568
Syed Rafiul Hussain, Abdullah Al Ishtiaq, Penn State; Imtiaz Karim, Elisa Bertino, Purdue; Omar Chowdhury, University of Iowa CVE-2022-25685
System and Software Security Lab in Fudan University CVE-2021-0934
Timur Mikhaylin CVE-2022-20529
Tomasz Kuchta CVE-2022-20569
Vishnu Nair of Google CVE-2022-20444
William Escande of Google CVE-2022-20547
Xin Zhao of Google CVE-2022-20574, CVE-2022-20575
Xingyu Jin of Google CVE-2021-39660
Xuan Xing (Android Security Assurance Red Team) CVE-2020-0465, CVE-2022-42529, CVE-2022-42530
Yu-Cheng Lin (林禹成) (@AndroBugs) CVE-2022-20504, CVE-2022-20536, CVE-2022-20558
Zinuo Han(https://twitter.com/ele7enxxh) of OPPO Amber Security Lab CVE-2022-20468, CVE-2022-20509, CVE-2022-20513, CVE-2022-20516, CVE-2022-20521, CVE-2022-20526, CVE-2022-20527, CVE-2022-20539, CVE-2022-20541, CVE-2022-20546, CVE-2022-20549, CVE-2022-20552, CVE-2022-20557, CVE-2022-20576, CVE-2022-20577, CVE-2022-20578, CVE-2022-20579, CVE-2022-20593, CVE-2022-20594, CVE-2022-20595, CVE-2022-20596, CVE-2022-42501, CVE-2022-42502, CVE-2022-42503, CVE-2022-42504, CVE-2022-42505, CVE-2022-42506, CVE-2022-42507, CVE-2022-42508, CVE-2022-42509, CVE-2022-42510, CVE-2022-42511, CVE-2022-42512, CVE-2022-42513, CVE-2022-42514, CVE-2022-42515, CVE-2022-42516, CVE-2022-42517, CVE-2022-42518, CVE-2022-42519, CVE-2022-42520, CVE-2022-42521, CVE-2022-42522, CVE-2022-42523, CVE-2022-42525, CVE-2022-42526, CVE-2022-42542