From redpacketsecurity.com
Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.
Note:
There are indications that CVE-2023-4863 and CVE-2023-4211 is under active exploitation in the wild.
CVE-2023-4863: Heap buffer overflow in libwebp.
CVE-2023-4211: A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
RISK: Extremely High Risk