CVE-2023-40098
https://notcve.org/view.php?id=CVE-2023-40098
In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/d21ffbe8a2eeb2a5e6da7efbb1a0430ba6b022e0 https://source.android.com/security/bulletin/2023-12-01 •
CVE-2023-40092
https://notcve.org/view.php?id=CVE-2023-40092
This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/a5e55363e69b3c84d3f4011c7b428edb1a25752c https://source.android.com/security/bulletin/2023-12-01 •
CVE-2023-40090
https://notcve.org/view.php?id=CVE-2023-40090
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. • https://android.googlesource.com/platform/packages/modules/Bluetooth/+/495417bd068c35de0729d9a332639bd0699153ff https://source.android.com/security/bulletin/2023-12-01 • CWE-203: Observable Discrepancy •
CVE-2023-40083
https://notcve.org/view.php?id=CVE-2023-40083
This could lead to local information disclosure with User execution privileges needed. • https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a218e5be5e4049eae3b321f2a535a128d65d00b6 https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ea81185c89097500559d61b3d49fb9633899e848 https://source.android.com/security/bulletin/2023-12-01 • CWE-125: Out-of-bounds Read •
CVE-2023-40081
https://notcve.org/view.php?id=CVE-2023-40081
This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/6fab80f141163de4d0008f7cd081cfc4917c3c68 https://source.android.com/security/bulletin/2024-03-01 •