CVE-2023-21241
published 2023-07-13CVE-2023-21241: In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | system_nfc | >= 11:0 < 11:2023-07-01 | 11:2023-07-01 |
| platform | system_nfc | >= 12:0 < 12:2023-07-01 | 12:2023-07-01 |
| platform | system_nfc | >= 12L:0 < 12L:2023-07-01 | 12L:2023-07-01 |
| platform | system_nfc | >= 13-next:0 < 13-next:2023-07-01 | 13-next:2023-07-01 |
| platform | system_nfc | >= 13:0 < 13:2023-07-01 | 13:2023-07-01 |