9VSA23-00913-01 CSIRT comparte información de actualización de seguridad mensual de Android correspondiente a octubre 2023
Resumen
El CSIRT de Gobierno comparte información de la actualización mensual de seguridad de Android correspondiente a octubre de 2023.
Vulnerabilidades
CVE-2023-21266
CVE-2023-40116
CVE-2023-40120
CVE-2023-40131
CVE-2023-40140
CVE-2023-40121
CVE-2023-40136
CVE-2023-40134
CVE-2023-40137
CVE-2023-40138
CVE-2023-40139
CVE-2023-21291
CVE-2023-21244
CVE-2023-40117
CVE-2023-40129
CVE-2023-40125
CVE-2023-40128
CVE-2023-40130
CVE-2023-40123
CVE-2023-40127
CVE-2023-40133
CVE-2023-40135
CVE-2023-21252
CVE-2023-21253
CVE-2022-28348
CVE-2021-44828
CVE-2023-4211
CVE-2023-33200
CVE-2023-34970
CVE-2023-20819
CVE-2023-32819
CVE-2023-32820
CVE-2023-40638
CVE-2023-33029
CVE-2023-33034
CVE-2023-33035
CVE-2023-24855
CVE-2023-28540
CVE-2023-33028
CVE-2023-21673
CVE-2023-22385
CVE-2023-24843
CVE-2023-24844
CVE-2023-24847
CVE-2023-24848
CVE-2023-24849
CVE-2023-24850
CVE-2023-24853
CVE-2023-33026
CVE-2023-33027
CVE-2023-4863
Impacto
Vulnerabilidades de riesgo crítico
CVE-2023-40129: Vulnerabilidad de sistema que podría llevar a ejecución remota de código sin necesidad de privilegios de ejecución adicionales.
Mitigación
Instalar las respectivas actualizaciones entregadas por el proveedor.
Productos afectados
Android.
Enlaces
https://source.android.com/docs/security/bulletin/2023-10-01
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21266
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40139
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21244
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40128
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40135
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21252
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28348
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33200
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32820
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40638
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33029
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28540
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33028
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24849
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24850
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33027
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA23-00913-01.