Vulnerability Details CVE-2023-21264
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.4%
CVSS Severity
CVSS v3 Score 6.7
References
- https://android.googlesource.com/kernel/common/+/53625a846a7b4
- https://android.googlesource.com/kernel/common/+/b35a06182451f
- https://source.android.com/security/bulletin/2023-08-01
- https://android.googlesource.com/kernel/common/+/53625a846a7b4
- https://android.googlesource.com/kernel/common/+/b35a06182451f
- https://source.android.com/security/bulletin/2023-08-01