CVE Published: 27/10/2023 |
CVE Updated: 09/09/2024 |
CVE Year: 2023 Source: google_android |
Vendor: Google |
Product: Android Status : PUBLISHED
CVE-2023-40140 Description
In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.