CVE-2023-21402

2023-12-0422:40:49

google_android

www.cve.org

out of bounds read

input validation

local escalation

privilege

kernel

exploitation

no user interaction

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

32.0%

JSON

In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Android",
    "versions": [
      {
        "version": "Android SoC",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

source.android.com/security/bulletin/2023-12-01