First published: Mon Sep 04 2023(Updated: )
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed
Credit: security@unisoc.com security@unisoc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =11.0 | |
Unisoc S8000 | ||
Unisoc Sc7731e | ||
Unisoc Sc9832e | ||
Unisoc Sc9863a | ||
Unisoc T310 | ||
Unisoc T606 | ||
Unisoc T610 | ||
Unisoc T612 | ||
Unisoc T616 | ||
Unisoc T618 | ||
Unisoc T760 | ||
Unisoc T770 | ||
Unisoc T820 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-38553 is medium, with a severity value of 6.7.
The out of bounds write vulnerability in gnss service can be exploited by performing a local escalation of privilege with System execution privileges needed.
The software affected by CVE-2023-38553 is Google Android 11.0.
No, Unisoc S8000 is not vulnerable to CVE-2023-38553.
More information about CVE-2023-38553 can be found at the following link: [link](https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434).