VDB

CISA-2023-21367

CISA-2023-21367 PUBLISHED

Reported by google_android · Published October 30, 2023

In Scudo, there is a possible way to exploit certain heap OOB read/write issues due to an insecure implementation/design. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products

VendorProductVersions
GoogleAndroid14
GoogleAndroid14, 14

Timeline

  • Oct 30, 2023 CVE Published
  • Sep 6, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›