CVE-2023-21067 – This CVE describes an information disclosure vu... (How to Fix)

Q: What is the severity of CVE-2023-21067?

CVE-2023-21067 has a CVSS score of 7.5 (HIGH). This CVE describes an information disclosure vulnerability in the Android kernel that could allow local attackers to access sensitive information without proper authorization. It affects Android devices running vulnerable kernel versions. The vulnerability requires local access to the device.

📋 TL;DR

This CVE describes an information disclosure vulnerability in the Android kernel that could allow local attackers to access sensitive information without proper authorization. It affects Android devices running vulnerable kernel versions. The vulnerability requires local access to the device.

💻 Affected Systems

Products:

Android devices

Versions: Android kernel versions prior to March 2023 security patch

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Specifically affects Pixel devices and potentially other Android devices using similar kernel configurations.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with local access could read sensitive kernel memory, potentially exposing cryptographic keys, authentication tokens, or other protected data.

🟠

Likely Case

Local malicious applications could exploit this to gather information about the system or other applications, potentially leading to further exploitation.

🟢

If Mitigated

With proper application sandboxing and SELinux policies, the impact is limited to information accessible within the attacker's privilege level.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the device.

🏢 Internal Only: MEDIUM - Could be exploited by malicious apps or users with physical access to devices.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and some technical knowledge of kernel exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: March 2023 Android security patch level

Vendor Advisory: https://source.android.com/security/bulletin/pixel/2023-03-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update. 2. Install the March 2023 security patch. 3. Reboot the device after installation.

🔧 Temporary Workarounds

Restrict app installations

android

Only install apps from trusted sources like Google Play Store to reduce risk of malicious apps exploiting this vulnerability.

Enable Google Play Protect

android

Ensure Google Play Protect is enabled to scan for potentially harmful apps.

🧯 If You Can't Patch

Restrict physical access to devices and implement strict app installation policies.
Monitor for suspicious app behavior and consider using mobile device management (MDM) solutions.

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version. If patch level is earlier than March 2023, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 'March 5, 2023' or later in Settings > About phone > Android version.

📡 Detection & Monitoring

Log Indicators:

Kernel crash dumps
SELinux denials related to memory access
Unusual permission requests from apps

Network Indicators:

Not applicable - local vulnerability

SIEM Query:

Not applicable for typical Android deployments

📊 Metadata

CVE ID: CVE-2023-21067

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

Published: March 24, 2023

Last Updated: February 20, 2025

🔗 References

https://source.android.com/security/bulletin/pixel/2023-03-01 Vendor Advisory
https://source.android.com/security/bulletin/pixel/2023-03-01 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-21067, you might also want to check these: