2 matches found
CVE-2023-21138
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for...
CVE-2023-21138
CVE-2023-21138 affects Android 11–13; in CallRedirectionProcessor.java onNullBinding, improper input validation enables a long‑lived connection, allowing local escalation of privilege with user‑level execution and background activity launches. No user interaction required. Exploitation details ar...