Home > Vulnerability Database > CVE-2023-21253

Mend.io Vulnerability Database

CVE-2023-21253

Date: October 6, 2023

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Language: Java

Severity Score

5.5

Related Resources (6)

Url: https://android.googlesource.com/platform/tools/apksig/+/039f815895f62c9f8af23df66622b66246f3f61e

Url: https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529

Url: https://source.android.com/security/bulletin/2023-10-01

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-21253

Url: https://android.googlesource.com/platform/tools/apksig/+/41d882324288085fd32ae0bb70dc85f5fd0e2be7

Url: https://www.mend.io/vulnerability-database/CVE-2023-21253

Severity Score

5.5

Weakness Type (CWE)

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-21253

Date: October 6, 2023

Language: Java

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?