Open mend-bolt-for-github[bot] opened 3 months ago
Android framework classes and services
Library home page: https://android.googlesource.com/platform/frameworks/base
Found in HEAD commit: 0b10dce4665c3b32c1b55e0f7e681151eec000bd
Found in base branch: master
/core/java/android/os/PersistableBundle.java
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Publish Date: 2023-12-04
URL: CVE-2023-40074
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
Type: Upgrade version
Origin: https://source.android.com/docs/security/bulletin/2023-12-01
Release Date: 2023-12-04
Fix Resolution: android-14.0.0_r1
Step up your Open Source Security Game with Mend here
CVE-2023-40074 - Medium Severity Vulnerability
Android framework classes and services
Library home page: https://android.googlesource.com/platform/frameworks/base
Found in HEAD commit: 0b10dce4665c3b32c1b55e0f7e681151eec000bd
Found in base branch: master
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Publish Date: 2023-12-04
URL: CVE-2023-40074
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://source.android.com/docs/security/bulletin/2023-12-01
Release Date: 2023-12-04
Fix Resolution: android-14.0.0_r1
Step up your Open Source Security Game with Mend here