CVSS Score of 10 (low)


Published Jun 28, 2023
Updated: Jul 6, 2023
CWE ID 787


CVE-2023-21222 is a vulnerability that affects the Android kernel. In the load_dt_data function of storage.c, there is a missing bounds check which could result in an out of bounds write. This vulnerability has the potential to enable local escalation of privilege, requiring System execution privileges. User interaction is not needed for exploitation. The affected products include Android versions and various other products such as ReNyly, UHl8aw, R3jFfL, UrPvre, dqjtsv, SKPl6S, Zugetv, SjtmR4, b0ybKj, Lqwy-M, ZxDMry, h7iPeZ, and jXEnln. The severity of this vulnerability is rated as MEDIUM with a base score of 6.7 out of 10 and high impact on integrity and confidentiality. Remediation steps or references are not provided for this vulnerability.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-21222 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options