Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-21271

In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE
#android#google#auth

)]}’ { "commit": "e44e1064ccec2aa09fc66bd750d66919129ae6b4", "tree": "9198945d05321169b5fb304d31b0ffadec1a056a", "parents": [ “2bffd7f5e66dd0cf7e5668fb65c4f2b2e9f87cf7” ], "author": { "name": "Przemysław Szczepaniak", "email": "[email protected]", "time": “Fri Mar 17 16:01:05 2023 +0000” }, "committer": { "name": "Android Build Coastguard Worker", "email": "[email protected]", "time": “Thu Jun 08 20:34:46 2023 +0000” }, "message": "Fix OOB read in parseInputs in ShimPreparedModel.cpp\n\nBug: 269455813\nTest: built image\n(cherry picked from https://android-review.googlesource.com/q/commit:404c6882edc91a34f60cd56f724d745b06a73756)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:553bc285b36b6312b24087bd085f12620028fac8)\nMerged-In: Ib93baacd45f394568eb789b5196a5d0b4e1edd41\nChange-Id: Ib93baacd45f394568eb789b5196a5d0b4e1edd41\n", "tree_diff": [ { "type": "modify", "old_id": "178cc1c3309db8539d2f796f1fa5f5b9143de3c9", "old_mode": 33188, "old_path": "shim_and_sl/ShimPreparedModel.cpp", "new_id": "840d65a1996b9e325e99123693727f8a59bba6af", "new_mode": 33188, "new_path": “shim_and_sl/ShimPreparedModel.cpp” } ] }

Related news

CVE-2023-21267: Android Security Bulletin—August 2023

In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907