First published: Wed Jun 28 2023(Updated: )
In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-250100597References: N/A
Credit: security@android.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-21066.
The title of this vulnerability is 'In cd_CodeMsg of cd_codec.c there is a possible out of bounds write due to a heap buffer overflow.'
The severity of CVE-2023-21066 is critical with a score of 9.8.
This vulnerability can be exploited through a heap buffer overflow, leading to potential remote code execution without requiring additional execution privileges or user interaction.
Please refer to the official reference link for information on available patches or fixes for CVE-2023-21066.