CVE-2023-20838

CVSS 3.1 Score 4.0 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 125

Summary

CVE-2023-20838 is a cybersecurity vulnerability affecting the imgsys component. This issue involves a race condition that enables a possible out-of-bounds read. The consequence of this vulnerability could result in local information disclosure, requiring System execution privileges to exploit successfully. It's essential to note that user interaction is necessary for an attacker to leverage this vulnerability. The patch ID for addressing this issue is ALPS07326455, and the internal reference number is ALPS07326418.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
Linux Kernel

Affected Vendors

Google
LINUX
Linux Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sjeth-
https://www.cve.org/CVERecord?id=CVE-2023-20838
https://nvd.nist.gov/vuln/detail/CVE-2023-20838

Back to Vulnerability Database