First published: Tue Sep 05 2023(Updated: )
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Credit: security@android.com security@android.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =13.0 | |
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-35681.
The severity of CVE-2023-35681 is critical, with a severity value of 9.
This vulnerability can be exploited remotely without any additional execution privileges, and user interaction is not needed.
Google Android versions 13.0 and earlier are affected by CVE-2023-35681.
To fix CVE-2023-35681, it is recommended to update to a patched version of Google Android.