CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21260
https://notcve.org/view.php?id=CVE-2023-21260
In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation. • https://source.android.com/security/bulletin/aaos/2023-07-01 • CWE-346: Origin Validation Error •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 1CVE-2023-21400
https://notcve.org/view.php?id=CVE-2023-21400
In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html http://www.openwall.com/lists/oss-security/2023/07/14/2 http://www.openwall.com/lists/oss-security/2023/07/19/2 http://www.openwall.com/lists/oss-security/2023/07/19/7 http://www.openwall.com/lists/oss-security/2023/07/25/7 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240119-0012 https://source.android.com • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21255
https://notcve.org/view.php?id=CVE-2023-21255
In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/kernel/common/+/1ca1130ec62d https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240119-0010 https://source.android.com/security/bulletin/2023-07-01 https://www.debian.org/security/2023/dsa-5480 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21251
https://notcve.org/view.php?id=CVE-2023-21251
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. • https://android.googlesource.com/platform/frameworks/base/+/57946e2bb73850e817b3c01fa5350d705e178e39 https://source.android.com/security/bulletin/2023-07-01 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21250
https://notcve.org/view.php?id=CVE-2023-21250
In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ec573bc83f1ed6722f7cb29431dcb2db7f10bf28 https://source.android.com/security/bulletin/2023-07-01 • CWE-787: Out-of-bounds Write •