CVE-2023-32810Out-of-bounds Read in Google Android

CWE-125Out-of-bounds Read3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.0%
top 93.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google AndroidLinux KernelLinuxfoundation Yocto
Timeline
PublishedSep 4

Description

In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages3 packages

NVDgoogle/android12.0, 13.0+1
NVDlinuxfoundation/yocto3.1, 3.3, 4.0+2

🔴Vulnerability Details

2
GHSA
GHSA-pg89-r7j3-c3wg: In bluetooth driver, there is a possible out of bounds read due to improper input validation2023-09-04
CVEList
CVE-2023-32810: In bluetooth driver, there is a possible out of bounds read due to improper input validation2023-09-04
CVE-2023-32810 — Out-of-bounds Read in Google Android | cvebase