CVE-2023-21402: Input Validation
First published: Mon Dec 04 2023(Updated: )
In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-21402?
CVE-2023-21402 is a vulnerability found in Google Android that could allow an attacker to execute arbitrary code on a targeted device.
How severe is CVE-2023-21402?
CVE-2023-21402 has a severity rating of high with a value of 7.
How can I fix CVE-2023-21402?
To fix CVE-2023-21402, it is recommended to apply the security patch provided by Google for your Android device.
Where can I find more information about CVE-2023-21402?
You can find more information about CVE-2023-21402 in the official Android Security Bulletin for December 2023.
Is my Android device affected by CVE-2023-21402?
If you are using an unpatched version of Google Android, your device may be affected by CVE-2023-21402. It is advisable to check for updates and apply them as soon as possible.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/event
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google android