CVE-2024-39431

In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*

History

30 Sep 2024, 18:09

Type Values Removed Values Added
CWE CWE-787
CVSS v2 : unknown
v3 : 8.3
v2 : unknown
v3 : 4.5
CPE cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
References () https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 - () https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 - Vendor Advisory
First Time Unisoc t616
Unisoc s8000
Unisoc sc9832e
Unisoc t760
Unisoc t612
Unisoc t610
Unisoc sc7731e
Unisoc sc9863a
Google
Unisoc t820
Unisoc
Unisoc t310
Google android
Unisoc t606
Unisoc t770
Unisoc t618

30 Sep 2024, 12:46

Type Values Removed Values Added
Summary
  • (es) En el controlador RLC de UMTS, existe la posibilidad de una escritura fuera de los límites debido a la falta de una comprobación de los límites. Esto podría provocar una denegación de servicio remota con privilegios de ejecución de System necesarios.

27 Sep 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-27 08:15

Updated : 2024-09-30 18:09


NVD link : CVE-2024-39431

Mitre link : CVE-2024-39431

CVE.ORG link : CVE-2024-39431


JSON object : View

Products Affected

unisoc

  • t760
  • t770
  • t310
  • sc9832e
  • t606
  • t616
  • t610
  • sc9863a
  • t820
  • t612
  • s8000
  • sc7731e
  • t618

google

  • android
CWE
CWE-787

Out-of-bounds Write