CVE-2023-21130: Buffer Overflow
First published: Mon Jun 05 2023(Updated: )
In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273502002
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | =13.0 | |
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-21130.
What is the severity of CVE-2023-21130?
The severity of CVE-2023-21130 is critical with a severity value of 9.8.
What is the description of CVE-2023-21130?
CVE-2023-21130 is a vulnerability in btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc that allows remote code execution due to a buffer overflow.
How does CVE-2023-21130 impact Android?
CVE-2023-21130 can lead to remote code execution on Android devices running version 13.0.
What is the fix for CVE-2023-21130?
A fix for CVE-2023-21130 is available in the latest security bulletin from Google. It is recommended to update your Android device to the latest version.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google android
- version/google android/13.0