CVE-2023-21118

MEDIUM Year: 2023
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004

Related Vulnerabilities

CVE-2014-8716

MEDIUM
CVSS:6.2(Medium)

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).

CWE-1252014

CVE-2017-13290

MEDIUM
CVSS:6.2(Medium)

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges ...

CWE-1252017

CVE-2017-13321

MEDIUM
CVSS:6.2(Medium)

In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local i...

CWE-1252017

CVE-2018-9435

MEDIUM
CVSS:6.2(Medium)

In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges ne...

CWE-1252018

CVE-2021-47244

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp (mptcp_get_options) could read one byte out of boun...

CWE-1252021

CVE-2024-20107

MEDIUM
CVSS:6.2(Medium)

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee...

CWE-1252024