CVE-2023-21639

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 4, 2023

Updated: Apr 12, 2024

CWE ID 787

CWE ID 120

Summary

CVE-2023-21639 is a memory corruption vulnerability affecting the Audio subsystem. The issue arises when processing sva_model_serializer with an incorrect memory size provided by the HIDL client. This can result in unintended code execution, potentially leading to security compromises. The vulnerability poses a significant risk if exploited, making it crucial for affected systems to be patched promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r26mt-
https://www.cve.org/CVERecord?id=CVE-2023-21639
https://nvd.nist.gov/vuln/detail/CVE-2023-21639

Back to Vulnerability Database

CVE-2023-21639

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations