VYPR
Unrated severityNVD Advisory· Published Feb 15, 2024· Updated Aug 27, 2024

CVE-2023-40106

CVE-2023-40106

Description

In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Google/Androidllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 14

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.