CVE-2024-44094

In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://source.android.com/security/bulletin/pixel/2024-09-01	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

History

18 Sep 2024, 13:37

Type	Values Removed	Values Added
CWE		CWE-787
First Time		Google Google android
CVSS	v2 : ~~unknown~~ v3 : ~~7.4~~	v2 : unknown v3 : 7.8
References	~~() https://source.android.com/security/bulletin/pixel/2024-09-01 -~~	() https://source.android.com/security/bulletin/pixel/2024-09-01 - Vendor Advisory
CPE		cpe:2.3:o:google:android:-:::::::*

16 Sep 2024, 15:35

Type	Values Removed	Values Added
Summary		(es) En ppmp_protect_mfcfw_buf de code/drm_fw.c, existe una posible corrupción de memoria debido a una validación de entrada incorrecta. Esto podría provocar una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. No se necesita interacción del usuario para la explotación.
CWE		CWE-20
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.4

13 Sep 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-13 21:15

Updated : 2024-09-18 13:37

NVD link : CVE-2024-44094

Mitre link : CVE-2024-44094

CVE.ORG link : CVE-2024-44094

JSON object : View

Products Affected

google

android

CWE

CWE-787

Out-of-bounds Write

CWE-20

Improper Input Validation

{"id": "CVE-2024-44094", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.4}]}, "published": "2024-09-13T21:15:10.667", "references": [{"url": "https://source.android.com/security/bulletin/pixel/2024-09-01", "tags": ["Vendor Advisory"], "source": "dsap-vuln-management@google.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}, {"lang": "es", "value": "En ppmp_protect_mfcfw_buf de code/drm_fw.c, existe una posible corrupci\u00f3n de memoria debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n."}], "lastModified": "2024-09-18T13:37:12.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}], "operator": "OR"}]}], "sourceIdentifier": "dsap-vuln-management@google.com"}