github - ghsa-672c-38pw-m2m5

ghsa-672c-38pw-m2m5

Vulnerability from github

Published

2023-07-13 00:30

Modified

2024-04-04 06:05

Severity

5.5 (Medium) - CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21240"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-13T00:15:23Z",
    "severity": "MODERATE"
  },
  "details": "In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n",
  "id": "GHSA-672c-38pw-m2m5",
  "modified": "2024-04-04T06:05:14Z",
  "published": "2023-07-13T00:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21240"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2023-07-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2023-21240

Vulnerability from cvelistv5

Published

2023-07-12 23:23

Modified

2024-08-02 09:28

Severity

Summary

In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

URL	Tags
https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563
https://source.android.com/security/bulletin/2023-07-01

Impacted products

Vendor	Product
Google	Android

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:28:26.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2023-07-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            },
            {
              "status": "affected",
              "version": "11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIn Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\u003c/p\u003e"
            }
          ],
          "value": "In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-12T23:23:54.255Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563"
        },
        {
          "url": "https://source.android.com/security/bulletin/2023-07-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2023-21240",
    "datePublished": "2023-07-12T23:23:54.255Z",
    "dateReserved": "2022-11-03T22:37:50.651Z",
    "dateUpdated": "2024-08-02T09:28:26.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.