CVE-2023-20938 — Use After Free in Google Android

CWE-416 — Use After Free CWE-122 — Heap-based Buffer Overflow28 documents7 sources

Severity

7.8HIGHNVD

OSV5.5OSV4.7

EPSS

0.2%

top 63.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Google Android

Timeline

PublishedFeb 28

Latest updateMay 3

Description

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶Debianlinux/linux_kernel< 5.10.158-1+3

▶Ubuntulinux/linux_kernel< 5.4.0-144.161+1

▶googlegoogle/android

▶debiandebian/linux< linux 5.17.6-1 (bookworm)

Patches

Patch: source.android.com ↗Patch: source.android.com ↗

🔴Vulnerability Details

OSV

linux-intel-iotg vulnerabilities↗2023-06-01

▶

OSV

linux-intel-iotg-5.15 vulnerabilities↗2023-06-01

▶

OSV

linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-oracle-5.15 vulnerabilities↗2023-05-18

▶

OSV

linux-raspi vulnerabilities↗2023-05-17

▶

OSV

linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle ↗2023-05-16

▶

📋Vendor Advisories

Red Hat

bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability↗2024-05-03

▶

Ubuntu

Linux kernel (Intel IoTG) vulnerabilities↗2023-06-01

▶

Ubuntu

Linux kernel (Intel IoTG) vulnerabilities↗2023-06-01

▶

Ubuntu

Linux kernel vulnerabilities↗2023-05-18

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2023-05-17

▶