CVE-2023-21228

2023-12-0422:40:48

google_android

www.cve.org

bound check

privilege escalation

kernel vulnerability

local exploitation

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

32.0%

JSON

In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Android",
    "versions": [
      {
        "version": "Android SoC",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

source.android.com/security/bulletin/2023-12-01