exploitDog

CVE-2023-21144

Опубликовано: 15 июн. 2023

Источник: nvd

CVSS3: 7.5

EPSS Средний

Описание

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417

Ссылки

https://source.android.com/security/bulletin/2023-06-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/2023-06-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*

cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.1527

Средний

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-770

Связанные уязвимости

GHSA-66f8-vggg-rhqg

CVSS3: 7.5

github

больше 2 лет назад

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417

EPSS

Процентиль: 94%

0.1527

Средний

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-770