CVE-2023-21377

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Oct 30, 2023

Updated: Nov 3, 2023

Summary

CVE-2023-21377 is a vulnerability affecting the SELinux Policy. It allows for a permissions bypass, enabling an attacker to potentially gain local access to sensitive information without requiring any additional execution privileges or user interaction. This issue could lead to information disclosure, posing a risk to system security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s486PJ
https://www.cve.org/CVERecord?id=CVE-2023-21377
https://nvd.nist.gov/vuln/detail/CVE-2023-21377

Back to Vulnerability Database