CVE-2023-21228
First published: Mon Dec 04 2023(Updated: )
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-21228.
What is the severity of vulnerability CVE-2023-21228?
The severity of vulnerability CVE-2023-21228 is high with a severity value of 7.
What is the description of vulnerability CVE-2023-21228?
Vulnerability CVE-2023-21228 involves elevation of privilege.
Which software is affected by vulnerability CVE-2023-21228?
Vulnerability CVE-2023-21228 affects Google Android.
How can I fix vulnerability CVE-2023-21228?
To fix vulnerability CVE-2023-21228, refer to the official security bulletin provided by Google.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/event
- agent/references
- agent/tags
- agent/description
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google android