CVE-2024-39432

In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*

History

30 Sep 2024, 18:12

Type Values Removed Values Added
References () https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 - () https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 - Vendor Advisory
CPE cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
CWE CWE-787
First Time Unisoc t616
Unisoc s8000
Unisoc sc9832e
Unisoc t760
Unisoc t612
Unisoc t610
Unisoc sc7731e
Unisoc sc9863a
Google
Unisoc t820
Unisoc
Unisoc t310
Google android
Unisoc t606
Unisoc t770
Unisoc t618
CVSS v2 : unknown
v3 : 8.3
v2 : unknown
v3 : 4.5

30 Sep 2024, 12:46

Type Values Removed Values Added
Summary
  • (es) En el controlador RLC de UMTS, existe una posible lectura fuera de los límites debido a la falta de una verificación de los límites. Esto podría provocar una denegación remota de servicio con privilegios de ejecución de System necesarios.

27 Sep 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-27 08:15

Updated : 2024-09-30 18:12


NVD link : CVE-2024-39432

Mitre link : CVE-2024-39432

CVE.ORG link : CVE-2024-39432


JSON object : View

Products Affected

google

  • android

unisoc

  • sc9832e
  • sc9863a
  • t612
  • t616
  • s8000
  • t610
  • sc7731e
  • t310
  • t606
  • t760
  • t618
  • t770
  • t820
CWE
CWE-787

Out-of-bounds Write