Rewterz Threat Advisory – Multiple Google Android Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-40074 CVSS:6.2

Google Android is vulnerable to a denial of service, caused by a flaw in saveToXml of PersistableBundle.java. By executing a specially crafted application, a local attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-40075 CVSS:6.2

Google Android is vulnerable to a denial of service, caused by a missing bounds check in forceReplaceShortcutInner of ShortcutPackage.java. By executing a specially crafted application, a local attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-40076 CVSS:8.4

Google Android could allow a local attacker to gain elevated privileges on the system, caused by a permissions bypass in createPendingIntent of CredentialManagerUi.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40077 CVSS:9.8

Google Android could allow a remote attacker to gain elevated privileges on the system, caused by a race condition in multiple functions of MetaDataBase.cpp. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40078 CVSS:8.8

Google Android could allow a remote attacker to gain elevated privileges on the system, caused by a heap buffer overflow in a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40079 CVSS:8.4

Google Android could allow a local attacker to gain elevated privileges on the system, caused by a permissions bypass in injectSendIntentSender of ShortcutService.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40080 CVSS:8.4

Google Android could allow a local attacker to gain elevated privileges on the system, caused by a logic error in the code in multiple functions of btm_ble_gap.cc. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40082 CVSS:9.8

Google Android could allow a remote attacker to gain elevated privileges on the system, caused by improperly used crypto in modify_for_next_stage of fdt.rs. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40084 CVSS:8.4

Google Android could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in run in the MDnsSdListener.cpp script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2023-40087 CVSS:8.4

Google Android could allow a local attacker to gain elevated privileges on the system, caused by missing bounds checks in transcodeQ*ToFloat in the btif_avrcp_audio_track.cc script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.

Impact

• Denial of Service
• Privileges Escalation

Indicators Of Compromise

CVE

• CVE-2023-40074
• CVE-2023-40075
• CVE-2023-40076
• CVE-2023-40077
• CVE-2023-40078
• CVE-2023-40079
• CVE-2023-40080
• CVE-2023-40082
• CVE-2023-40084
• CVE-2023-40087

Affected Vendors

Google

Affected Products

• Google Android 12
• Google Android 11
• Google Android 12L
• Google Android 13
• Google Android 14

Remediation

Refer to the Android Open Source Project for patch, upgrade or suggested workaround information.

Android Open Source Project