PUB-A-226234140 — Vulnetix

PUB-A-226234140 PUBLISHED CVSS 8.399999618530273 HIGH

In Confirmation of keystore_cli_v2.cpp, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS v4.0

8.399999618530273

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
platform	system/security	13:0, 13, 13

Timeline

Mar 1, 2023 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2023-03-01 advisory
https://android.googlesource.com/platform/system/security/+/9afe88283d069f99350af8ab87205318bf664005 patch

Open in Interactive Console →