In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2023-12-01 | Vendor Advisory |
Configurations
History
12 Mar 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation. |
12 Dec 2023, 19:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
First Time |
Google
Google android |
|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
References | () https://source.android.com/security/bulletin/pixel/2023-12-01 - Vendor Advisory |
08 Dec 2023, 16:37
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-08 16:15
Updated : 2024-03-12 21:15
NVD link : CVE-2023-48403
Mitre link : CVE-2023-48403
CVE.ORG link : CVE-2023-48403
JSON object : View
Products Affected
- android
CWE
CWE-787
Out-of-bounds Write