Ubuntu.comUB:CVE-2023-21253CVE-2023-21253
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%
In multiple locations, there is a possible way to crash multiple system
services due to resource exhaustion. This could lead to local denial of
service with no additional execution privileges needed. User interaction is
not needed for exploitation.
References
android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529
android.googlesource.com/platform/tools/apksig/+/039f815895f62c9f8af23df66622b66246f3f61e
android.googlesource.com/platform/tools/apksig/+/41d882324288085fd32ae0bb70dc85f5fd0e2be7
launchpad.net/bugs/cve/CVE-2023-21253
nvd.nist.gov/vuln/detail/CVE-2023-21253
security-tracker.debian.org/tracker/CVE-2023-21253
source.android.com/security/bulletin/2023-10-01
www.cve.org/CVERecord?id=CVE-2023-21253
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%