{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-21227", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2022-11-03T22:37:50.648Z", "datePublished": "2023-12-04T22:40:48.217Z", "dateUpdated": "2024-08-02T09:28:26.129Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2023-12-22T00:16:40.500Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Information disclosure"}]}], "affected": [{"vendor": "Google", "product": "Android", "versions": [{"version": "Android SoC", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation."}], "references": [{"url": "https://source.android.com/security/bulletin/2023-12-01"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:28:26.129Z"}, "title": "CVE Program Container", "references": [{"url": "https://source.android.com/security/bulletin/2023-12-01", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation."}, {"lang": "es", "value": "Hay divulgaci\u00f3n de informaci\u00f3n."}], "id": "CVE-2023-21227", "lastModified": "2023-12-22T01:15:08.740", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-04T23:15:22.720", "references": [{"source": "security@android.com", "tags": ["Vendor Advisory"], "url": "https://source.android.com/security/bulletin/2023-12-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}