SB2023100257 - Multiple vulnerabilities in Google Android




Published: October 2, 2023 Updated: December 1, 2025

Security Bulletin ID: SB2023100257
Severity: Critical
Patch available: YES
Number of vulnerabilities: 50
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

Critical 2% High 16% Medium 8% Low 74%

Description

This security bulletin contains information about 50 security vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2023-33028)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can execute arbitrary code.


2) Buffer over-read (CVE-ID: CVE-2023-33027)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.


3) Buffer over-read (CVE-ID: CVE-2023-33026)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.


4) Memory corruption (CVE-ID: CVE-2023-24853)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in HLOS. A local application can execute arbitrary code.


5) Improper Validation of Array Index (CVE-ID: CVE-2023-24850)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in HLOS. A local application can execute arbitrary code.


6) Buffer over-read (CVE-ID: CVE-2023-24849)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Data Modem. A remote attacker can read and manipulate data.


7) Buffer over-read (CVE-ID: CVE-2023-24848)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Data Modem. A remote attacker can read and manipulate data.


8) NULL Pointer Dereference (CVE-ID: CVE-2023-24847)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.


9) Improper Access Control (CVE-ID: CVE-2023-24844)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Core. A local application can execute arbitrary code.


10) Reachable Assertion (CVE-ID: CVE-2023-24843)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.


11) Buffer over-read (CVE-ID: CVE-2023-22385)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Data Modem. A remote attacker can read and manipulate data.


12) Improper Access Control (CVE-ID: CVE-2023-21673)

The vulnerability allows a local application to escalate privileges on the device.

The vulnerability exists due to improper input validation in Kernel. A local application can escalate privileges on the device.


13) Improper Authentication (CVE-ID: CVE-2023-28540)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Data Modem. A remote attacker can read and manipulate data.


14) Buffer overflow (CVE-ID: CVE-2021-44828)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.



15) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2023-24855)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in Modem. A remote attacker can execute arbitrary code.


16) Buffer overflow (CVE-ID: CVE-2023-33035)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Audio. A local application can execute arbitrary code.


17) Signed to Unsigned Conversion Error (CVE-ID: CVE-2023-33034)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Audio. A local application can execute arbitrary code.


18) Use After Free (CVE-ID: CVE-2023-33029)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in DSP Service. A local application can execute arbitrary code.


19) Missing Authorization (CVE-ID: CVE-2023-40638)

The vulnerability allows a local application to crash the entire system.

The vulnerability exists due to a possible missing permission check within the Telecom service in Android. A local application can crash the entire system.


20) Resource exhaustion (CVE-ID: CVE-2023-32820)

The vulnerability allows a local application to perform service disruption.

The vulnerability exists due to improper input handling within WLAN firmware. A local application can perform service disruption.


21) Information exposure (CVE-ID: CVE-2023-32819)

The vulnerability allows a local privileged application to gain access to sensitive information.

The vulnerability exists due to a missing bounds check within display. A local privileged application can gain access to sensitive information.


22) Out-of-bounds write (CVE-ID: CVE-2023-20819)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within the CDMA PPP protocol. A local application can execute arbitrary code.


23) Race condition (CVE-ID: CVE-2023-34970)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition. A local user can exploit the race to trigger a use-after-free and execute arbitrary code with elevated privileges.


24) Use-after-free (CVE-ID: CVE-2023-33200)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.


25) Use-after-free (CVE-ID: CVE-2023-4211)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Mali GPU Kernel Driver. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Note, the vulnerability is being actively exploited in the wild.


26) Use-after-free (CVE-ID: CVE-2022-28348)

The vulnerability allows a malicious application to escalate privileges on the device.

The vulnerability exists due to a use-after-free error. A malicious application can trigger a use-after-free error and execute arbitrary code with elevated privileges.


27) Improper input validation (CVE-ID: CVE-2023-21253)

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.


28) Information exposure (CVE-ID: CVE-2023-40135)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.


29) Improper input validation (CVE-ID: CVE-2023-40125)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.


30) Improper input validation (CVE-ID: CVE-2023-40117)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.


31) Improper input validation (CVE-ID: CVE-2023-40129)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.


32) Information exposure (CVE-ID: CVE-2023-40139)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


33) Information exposure (CVE-ID: CVE-2023-40138)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


34) Information exposure (CVE-ID: CVE-2023-40137)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


35) Information exposure (CVE-ID: CVE-2023-40136)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


36) Information exposure (CVE-ID: CVE-2023-40134)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


37) Information exposure (CVE-ID: CVE-2023-40121)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


38) Information exposure (CVE-ID: CVE-2023-21291)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.


39) Improper input validation (CVE-ID: CVE-2023-40140)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.


40) Improper input validation (CVE-ID: CVE-2023-21252)

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.


41) Improper input validation (CVE-ID: CVE-2023-21244)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.


42) Information exposure (CVE-ID: CVE-2023-40133)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.


43) Information exposure (CVE-ID: CVE-2023-40123)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.


44) Information exposure (CVE-ID: CVE-2023-40127)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.


45) Improper input validation (CVE-ID: CVE-2023-40128)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.


46) Improper input validation (CVE-ID: CVE-2023-40120)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.


47) Improper input validation (CVE-ID: CVE-2023-40116)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.


48) Improper input validation (CVE-ID: CVE-2023-21266)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.


49) Improper input validation (CVE-ID: CVE-2023-40131)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.


50) Heap-based buffer overflow (CVE-ID: CVE-2023-4863)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing WebP images within the libwebp library. A remote attacker can trick the victim into visiting a malicious website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system. The vulnerability affects all modern browsers that support WebP image processing.

Note, the vulnerability is being actively exploited in the wild.


Remediation

Install the update from the vendor's website.
