CVE-2024-39427

In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*

History

27 Aug 2024, 18:32

Type Values Removed Values Added
First Time Google android
Google
CPE cpe:2.3:o:unisoc:s8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t612_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9863a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t770_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t618_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc7731e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t606_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t760_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9832e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*

27 Aug 2024, 17:33

Type Values Removed Values Added
First Time Unisoc sc9832e Firmware
Unisoc t820
Unisoc t760 Firmware
Unisoc t606 Firmware
Unisoc t618
Unisoc sc7731e
Unisoc
Unisoc t770
Unisoc t760
Unisoc t310 Firmware
Unisoc t618 Firmware
Unisoc t612
Unisoc t770 Firmware
Unisoc t606
Unisoc s8000 Firmware
Unisoc sc9863a
Unisoc sc7731e Firmware
Unisoc t610 Firmware
Unisoc t616
Unisoc t616 Firmware
Unisoc t820 Firmware
Unisoc t612 Firmware
Unisoc sc9832e
Unisoc t610
Unisoc s8000
Unisoc t310
Unisoc sc9863a Firmware
References () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - Vendor Advisory
CPE cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t770_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t760_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9832e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:s8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t612_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9863a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t618_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc7731e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t606_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t820_firmware:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 5.1
v2 : unknown
v3 : 4.4
CWE CWE-787

01 Jul 2024, 12:37

Type Values Removed Values Added
Summary
  • (es) En un servicio trusty, existe una posible escritura fuera de los límites debido a una verificación de los límites faltante. Esto podría provocar una denegación de servicio local con privilegios de ejecución de System necesarios.

01 Jul 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-01 09:15

Updated : 2024-08-27 18:32


NVD link : CVE-2024-39427

Mitre link : CVE-2024-39427

CVE.ORG link : CVE-2024-39427


JSON object : View

Products Affected

unisoc

  • t760
  • t770
  • t310
  • sc9832e
  • t606
  • t616
  • t610
  • sc9863a
  • t820
  • t612
  • s8000
  • sc7731e
  • t618

google

  • android
CWE
CWE-787

Out-of-bounds Write