PT-2023-17868 · Google · Android Kernel

Publicado

2023-03-24

Atualizado

2023-03-30

CVE-2023-21076

CVSS v3.1

6.7

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a heap buffer overflow in the createTransmitFollowupRequest function of nan.cpp, which could lead to a local escalation of privilege. System execution privileges are needed for exploitation, and user interaction is not required.

Recommendations For Android kernel, consider applying a patch to fix the heap buffer overflow issue in the createTransmitFollowupRequest function of nan.cpp to prevent local escalation of privilege.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2023-21076

Produtos afetados

Android Kernel

PT-2023-17868 · Google · Android Kernel

CVE-2023-21076

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3