True that many potential RCEs are found, but I think there are a few points to keep in mind.
- RCE classification is often conservatively assumed when it is theoretically possible even if it is not been demonstrated. Android bulletins appear to assume any memory corruption could be an RCE.
- Remote code is no longer sufficient for privileged control. Next, you have to use it to break out of a restrictive sandbox for whatever service or application you have compromised.
Good news; a true necessity if eSIM is to be consumer friendly.