9VSA23-00913-01 CSIRT comparte información de actualización de seguridad mensual de Android correspondiente a octubre 2023

El CSIRT de Gobierno comparte información de la actualización mensual de seguridad de Android correspondiente a octubre de 2023.
9VSA23-00913-01.png

Resumen

El CSIRT de Gobierno comparte información de la actualización mensual de seguridad de Android correspondiente a octubre de 2023.

Vulnerabilidades

CVE-2023-21266

CVE-2023-40116

CVE-2023-40120

CVE-2023-40131

CVE-2023-40140

CVE-2023-40121

CVE-2023-40136

CVE-2023-40134

CVE-2023-40137

CVE-2023-40138

CVE-2023-40139

CVE-2023-21291

CVE-2023-21244

CVE-2023-40117

CVE-2023-40129

CVE-2023-40125

CVE-2023-40128

CVE-2023-40130

CVE-2023-40123

CVE-2023-40127

CVE-2023-40133

CVE-2023-40135

CVE-2023-21252

CVE-2023-21253

CVE-2022-28348

CVE-2021-44828

CVE-2023-4211

CVE-2023-33200

CVE-2023-34970

CVE-2023-20819

CVE-2023-32819

CVE-2023-32820

CVE-2023-40638

CVE-2023-33029

CVE-2023-33034

CVE-2023-33035

CVE-2023-24855

CVE-2023-28540

CVE-2023-33028

CVE-2023-21673

CVE-2023-22385

CVE-2023-24843

CVE-2023-24844

CVE-2023-24847

CVE-2023-24848

CVE-2023-24849

CVE-2023-24850

CVE-2023-24853

CVE-2023-33026

CVE-2023-33027

CVE-2023-4863

Impacto

Vulnerabilidades de riesgo crítico

CVE-2023-40129: Vulnerabilidad de sistema que podría llevar a ejecución remota de código sin necesidad de privilegios de ejecución adicionales.

Mitigación

Instalar las respectivas actualizaciones entregadas por el proveedor.

Productos afectados
Android.

Enlaces

https://source.android.com/docs/security/bulletin/2023-10-01

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21266

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40116

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40120

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40131

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40140

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40121

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40136

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40134

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40137

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40138

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40139

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21291

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21244

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40117

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40129

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40125

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40128

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40130

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40123

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40127

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40133

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40135

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21252

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21253

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28348

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44828

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4211

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33200

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34970

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20819

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32819

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32820

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40638

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33029

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33034

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33035

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24855

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28540

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33028

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21673

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22385

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24843

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24844

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24847

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24848

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24849

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24850

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24853

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33026

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33027

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA23-00913-01.