VDB

CISA-2024-23695

CISA-2024-23695 PUBLISHED CVSS 8.4 HIGH

Reported by google_android · Published July 9, 2024

In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 3.1
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
GoogleAndroidAndroid SoC
googleandroidandroidsoc, androidsoc
GoogleAndroidAndroid SoC, Android SoC

Timeline

  • Jul 9, 2024 CVE Published
  • Jul 11, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›