Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-40109

Published: 15/02/2024 Updated: 16/02/2024

Vulnerability Summary

In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL) due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Vendor Advisories

Google Chrome: Stable Channel Update for ChromeOS/ChromeOS Flex
ChromeOS M119 StableThe Stable channel is being updated to OS version: 15633440 Browser version: 11906045158 for most ChromeOS devicesIf you find new issues, please let us know one of the following waysFile a bugVisit our ChromeOS communitiesGeneral: Chromebook Help CommunityBeta Specific: ChromeOS Beta Help Comm ...

References

https://android.googlesource.com/platform/frameworks/base/+/387d258cf10a30537fc48dc0e48d28071efa92e7https://source.android.com/security/bulletin/2023-11-01https://nvd.nist.govhttps://chromereleases.googleblog.com/2023/11/stable-channel-update-for.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook