CVE-2024-39428

In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*

History

27 Aug 2024, 17:39

Type Values Removed Values Added
References () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - Vendor Advisory
CWE CWE-787
CVSS v2 : unknown
v3 : 6.8
v2 : unknown
v3 : 4.4
CPE cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
First Time Unisoc t820
Google
Unisoc t618
Unisoc t770
Unisoc sc7731e
Unisoc
Unisoc t760
Unisoc t606
Unisoc t612
Unisoc sc9863a
Google android
Unisoc t616
Unisoc sc9832e
Unisoc t610
Unisoc s8000
Unisoc t310

01 Jul 2024, 12:37

Type Values Removed Values Added
Summary
  • (es) En un servicio trusty, existe una posible escritura fuera de los límites debido a una verificación de los límites faltante. Esto podría provocar una denegación de servicio local con privilegios de ejecución de System necesarios.

01 Jul 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-01 09:15

Updated : 2024-08-27 17:39


NVD link : CVE-2024-39428

Mitre link : CVE-2024-39428

CVE.ORG link : CVE-2024-39428


JSON object : View

Products Affected

unisoc

  • t760
  • t770
  • t310
  • sc9832e
  • t606
  • t616
  • t610
  • sc9863a
  • t820
  • t612
  • s8000
  • sc7731e
  • t618

google

  • android
CWE
CWE-787

Out-of-bounds Write