CVE-2023-21392

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
30/10/2023
Last modified:
07/11/2023

Description

In Bluetooth, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege when connecting to a Bluetooth device with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 14.0 (excluding)


References to Advisories, Solutions, and Tools