CVE-2023-21178

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description In the installKey function of KeyUtil.cpp, a possible failure of file encryption due to a race condition could lead to local information disclosure. This issue requires System execution privileges and does not need user interaction for exploitation.

Recommendations For Android version Android-13, consider applying the fix provided by the Android team to resolve the issue. As a temporary workaround, restrict access to sensitive files and directories to minimize the risk of exploitation.