In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2024-09-01 | Vendor Advisory |
Configurations
History
18 Sep 2024, 13:37
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | () https://source.android.com/security/bulletin/pixel/2024-09-01 - Vendor Advisory | |
CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
First Time |
Google
Google android |
16 Sep 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-20 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.4 |
13 Sep 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-13 21:15
Updated : 2024-09-18 13:37
NVD link : CVE-2024-44094
Mitre link : CVE-2024-44094
CVE.ORG link : CVE-2024-44094
JSON object : View
Products Affected
- android