4.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.3 High
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
28.4%
In bigben_remove of hid-bigbenff.c, there is a possible race condition due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CPE | Name | Operator | Version |
---|---|---|---|
:linux_kernel: | eq | Kernel |
android.googlesource.com/kernel/common/+/1fd3cdb1c245d67442d04c06c63dd0de96cd6091
android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a
android.googlesource.com/kernel/common/+/617c5ccc25ececa1efbc96a6a87499ec02070535
android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23
source.android.com/security/bulletin/2023-07-01
4.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.3 High
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
28.4%