{"id":"PUB-A-194783918","details":"In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-194783918","CVE-2023-21000"],"modified":"2026-05-29T15:55:33.750044621Z","published":"2023-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/av/+/cf32c23098ef7410b70ffdbfe2a05146ce79ef04"}],"affected":[{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-03-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2023-03-01","severity":"Moderate","types":["RCE"],"fixes":["https://android.googlesource.com/platform/frameworks/av/+/cf32c23098ef7410b70ffdbfe2a05146ce79ef04"],"vanir_signatures":[{"target":{"file":"media/libstagefright/MediaCodec.cpp"},"id":"PUB-A-194783918-c8520398","signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/av/+/cf32c23098ef7410b70ffdbfe2a05146ce79ef04","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["314507129228433086143684083579771112866","202384799774734280888198870071567020332","230638789972607913286035780323824536487","30236640876822649713160963059853389369","192682719582278474695433578629492659797"]},"deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-194783918.json"}}],"schema_version":"1.7.5"}