Missing Bounds Check in setProfileName of DevicePolicyManagerService.java Allows for Local Denial of Service in Android

Missing Bounds Check in setProfileName of DevicePolicyManagerService.java Allows for Local Denial of Service in Android

CVE-2023-21167 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259942964

Learn more about our Cis Benchmark Audit For Google Android.