CVE-2023-40131 Information

Description

In GpuService of GpuService.cpp there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Reference

https://android.googlesource.com/platform/frameworks/native/+/0cda11569dd256ff3220b4fe44f861f8081d7116 https://source.android.com/security/bulletin/2023-10-01