2 matches found
CVE-2023-40096
In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40096
Summary: CVE-2023-40096 affects Android’s audio recording flow. A missing flag in OpRecordAudioMonitor::onFirstRef within AudioRecordClient.cpp may allow background audio recording, enabling local elevation of privilege with User privileges. Exploitation does not require user interaction. The vul...