2 matches found
CVE-2023-21170
In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-21170
CVE-2023-21170 affects Android 13 devices (notably Pixel). Root cause: a missing bounds check in the function executeSetClientTarget inside ComposerCommandEngine.h, causing a possible out-of-bounds read. Impact: local information disclosure with system privileges required; exploitation does not r...