Security Advisory

CVE-2023-40075

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-04 22:40:50

Last updated 2024-08-28 17:46:20

Assigner google_android

State PUBLISHED

Description

In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. This could lead to local denial of service which results in a boot loop with no additional execution privileges needed. User interaction is not needed for exploitation.

← Browse all CVEs View on cve.org ↗