CVE-2023-32870

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 125

Summary

CVE-2023-32870 is a newly identified vulnerability affecting the display drm component. The issue stems from a missing bounds check, which allows an attacker to perform an out-of-bounds read. With successful exploitation, the attacker could gain local privilege escalation, requiring System execution privileges. Distinctly, user interaction is not a prerequisite for exploitation. The patch ID for mitigation is ALPS07363740, and the issue is identified as ALPS07363740.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tqmpXU
https://www.cve.org/CVERecord?id=CVE-2023-32870
https://nvd.nist.gov/vuln/detail/CVE-2023-32870

Back to Vulnerability Database