CVE-2023-21053
First published: Fri Mar 24 2023(Updated: )
In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-251805610References: N/A
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-21053.
What is the title of this vulnerability?
The title of this vulnerability is 'In sms_ExtractCbLanguage of sms_CellBroadcast.c there is a possible out of bounds read due to a missing bounds check.'
What is the severity of CVE-2023-21053?
The severity of CVE-2023-21053 is high.
How does CVE-2023-21053 impact Android?
CVE-2023-21053 could lead to remote information disclosure on Android devices.
How is CVE-2023-21053 fixed?
To fix CVE-2023-21053, a bounds check should be added to sms_ExtractCbLanguage in sms_CellBroadcast.c.
- agent/type
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/event
- agent/last-modified-date
- agent/source
- vendor/google
- canonical/android