{"vulnerability": "cve-2023-2104", "sightings": [{"uuid": "67282fc7-d3eb-4e6d-8f23-9b153e7a9a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21049", "type": "seen", "source": "https://t.me/cibsecurity/60714", "content": "\u203c CVE-2023-21049 \u203c\n\nIn append_camera_metadata of camera_metadata.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-236688120References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:50:56.000000Z"}, {"uuid": "55943868-3e15-4d59-908f-6ab73c0984fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21048", "type": "seen", "source": "https://t.me/cibsecurity/60715", "content": "\u203c CVE-2023-21048 \u203c\n\nIn handleEvent of nan.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259304053References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:51:00.000000Z"}, {"uuid": "24ff5d87-8ae1-4f8b-ab85-d4d96d300f89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21048", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5221", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21048\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In handleEvent of nan.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259304053References: N/A\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:38:25.264Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-24T20:22:28.000000Z"}, {"uuid": "c51771eb-3eed-4ac1-8886-1e6f2a50efea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21045", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5220", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21045\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: When cpif handles probe failures, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323725References: N/A\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:44:49.931Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-24T20:22:27.000000Z"}, {"uuid": "43145c7f-a8ef-452b-95c6-656778f40155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21044", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21044\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In init of VendorGraphicBufferMeta, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-253425086References: N/A\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:47:54.358Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-24T20:22:23.000000Z"}, {"uuid": "99dc7e6f-b030-477b-ab6f-d87e8789e80b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21042", "type": "seen", "source": "https://t.me/cibsecurity/60664", "content": "\u203c CVE-2023-21042 \u203c\n\nIn (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239873326References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:42:44.000000Z"}, {"uuid": "da5e9fed-513f-4319-8f87-fb81e851a7bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21043", "type": "seen", "source": "https://t.me/cibsecurity/60662", "content": "\u203c CVE-2023-21043 \u203c\n\nIn (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239872581References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:42:42.000000Z"}, {"uuid": "768c54ed-1957-4619-bb02-bec215d23d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21041", "type": "seen", "source": "https://t.me/cibsecurity/60661", "content": "\u203c CVE-2023-21041 \u203c\n\nIn append_to_params of param_util.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-250123688References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:42:41.000000Z"}, {"uuid": "5959fc79-cab3-4e5b-85f7-b9866ec28855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21049", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4982", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21049\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In append_camera_metadata of camera_metadata.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-236688120References: N/A\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T21:07:30.986Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-21T21:22:32.000000Z"}, {"uuid": "20b347a3-f267-4bb4-85f4-442730809a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21046", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5621", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21046\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-253424924References: N/A\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T21:02:52.353Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-26T21:25:39.000000Z"}]}