CVE-2023-21392Detail
This CVE record was updated after NVD enrichment efforts were completed. The enrichment data provided by the NVD may require modification due to these changes.
Description
In Bluetooth, there is a possible way to corrupt the memory due to use after free use. This could lead to local escalation of privilege when connecting to a Bluetooth device with no additional execution privileges needed. User interaction is not required for operation.
Metric
NVD enrichment efforts refer to publicly available information to associate vector strings. CVSS information provided by other sources is also displayed.
References to advice, solutions and tools
By selecting these links, you will leave the NIST web space. We have provided these links to other websites because they may contain information that may be of interest to you. No inference should be drawn from whether or not other sites are referenced from this page. There may be other websites better suited to your needs. NIST does not necessarily endorse the opinions expressed or the facts presented on these sites. Additionally, NIST does not endorse any commercial products that may be mentioned on these sites. Please direct your comments on this page to [email protected].
List of weaknesses
| ID CWE | CWE Name | Source |
|---|---|---|
|
CWE-416 |
Use after for free |
NIST |
Quick information
CVE dictionary entry:
CVE-2023-21392
NVD publication date:
10/30/2023
NVD Last modification:
11/21/2024
Source:
Android (associated with Google Inc. or Open Handset Alliance)
