Open mend-bolt-for-github[bot] opened 1 year ago
Library home page: https://android.googlesource.com/platform/frameworks/av
Found in base branch: master
/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation.
Publish Date: 2023-07-12
URL: CVE-2023-21262
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2023-21262
Release Date: 2023-07-12
Fix Resolution: android-13.0.0_r61
Step up your Open Source Security Game with Mend here
CVE-2023-21262 - Low Severity Vulnerability
Vulnerable Library - avandroid-11.0.0_r47
Library home page: https://android.googlesource.com/platform/frameworks/av
Found in base branch: master
Vulnerable Source Files (1)
/services/audiopolicy/service/AudioPolicyInterfaceImpl.cpp
Vulnerability Details
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation.
Publish Date: 2023-07-12
URL: CVE-2023-21262
CVSS 3 Score Details (3.1)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2023-21262
Release Date: 2023-07-12
Fix Resolution: android-13.0.0_r61
Step up your Open Source Security Game with Mend here