Lucene search
HistoryJun 06, 2023 - 1:15 p.m.
CVE-2023-20733
use after free
vcu
privilege escalation
system execution
patch
issue id
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149.
Affected configurations
Node
linuxfoundationiot-yoctoMatch22.2
ORlinuxfoundationyoctoMatch4.0
ORgoogleandroidMatch12.0
ORgoogleandroidMatch13.0
mediatekmt6768Match-
ORmediatekmt6769Match-
ORmediatekmt6779Match-
ORmediatekmt6781Match-
ORmediatekmt6785Match-
ORmediatekmt6789Match-
ORmediatekmt6833Match-
ORmediatekmt6853Match-
ORmediatekmt6853tMatch-
ORmediatekmt6873Match-
ORmediatekmt6875Match-
ORmediatekmt6877Match-
ORmediatekmt6883Match-
ORmediatekmt6885Match-
ORmediatekmt6889Match-
ORmediatekmt6891Match-
ORmediatekmt6893Match-
ORmediatekmt8168Match-
ORmediatekmt8365Match-
ORmediatekmt8395Match-
Related
prion
prion
Design/Logic Flaw
2023-06-06 13:15:00
cvelist
cvelist
CVE-2023-20733
2023-06-06 12:11:17
cve
cve
CVE-2023-20733
2023-06-06 13:15:12
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-20733