VDB

CISA-2024-23715

CISA-2024-23715 PUBLISHED CVSS 7.8 HIGH

Reported by google_android · Published November 13, 2024

In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
GoogleAndroidAndroid SoC
GoogleAndroidAndroid SoC, Android SoC
googleandroid0, 0

Timeline

  • Nov 13, 2024 CVE Published
  • Nov 20, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›