CVE-2023-40074 Information

Description

In saveToXml of PersistableBundle.java invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Reference

https://source.android.com/security/bulletin/2023-12-01