CVE-2023-20843

CVSS 3.1 Score 4.2 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 125

Summary

CVE-2023-20843 is a newly discovered vulnerability affecting the imgsys_cmdq component. It involves a missing range check leading to a potential out-of-bounds read. If exploited, this issue could result in local information disclosure, requiring System execution privileges. User interaction is necessary for successful exploitation. The patch for this vulnerability is identified as ALPS07340119.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
Linux Kernel

Affected Vendors

Google
LINUX
Linux Foundation
Mediatek Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sjd1_R
https://www.cve.org/CVERecord?id=CVE-2023-20843
https://nvd.nist.gov/vuln/detail/CVE-2023-20843

Back to Vulnerability Database