CVE-2023-21213

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description The issue is related to a possible out of bounds read due to a missing bounds check in the initiateTdlsTeardownInternal function of sta iface.cpp. This could lead to local information disclosure in the wifi server, requiring System execution privileges for exploitation. No user interaction is needed for exploitation.

Recommendations For Android version Android-13, consider restricting access to the wifi server to minimize the risk of exploitation until a patch is available. As a temporary workaround, review the initiateTdlsTeardownInternal function in sta iface.cpp to ensure proper bounds checking is implemented.