CVE-2024-39427

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39427
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

5.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 Vendor Advisory
https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
History

21 Nov 2024, 09:27

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 4.4 		v2 : unknown
v3 : 5.1
References () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - Vendor Advisory () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - Vendor Advisory

27 Aug 2024, 18:32

Type Values Removed Values Added
CPE cpe:2.3:o:unisoc:t610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9863a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t606_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9832e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t760_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc7731e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t770_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t618_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:s8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t612_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t616_firmware:-:*:*:*:*:*:*:*		 cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
First Time Google
Google android

27 Aug 2024, 17:33

Type Values Removed Values Added
CPE cpe:2.3:o:unisoc:t610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t606_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t760_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc7731e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t612_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9863a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9832e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t770_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t618_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:s8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t616_firmware:-:*:*:*:*:*:*:*
First Time Unisoc sc9832e Firmware
Unisoc t310 Firmware
Unisoc sc9863a
Unisoc t820 Firmware
Unisoc t760
Unisoc sc9863a Firmware
Unisoc t770 Firmware
Unisoc t616 Firmware
Unisoc t618 Firmware
Unisoc t770
Unisoc t612
Unisoc s8000 Firmware
Unisoc sc7731e Firmware
Unisoc t610
Unisoc s8000
Unisoc sc9832e
Unisoc t616
Unisoc t610 Firmware
Unisoc t612 Firmware
Unisoc t606 Firmware
Unisoc
Unisoc t310
Unisoc t618
Unisoc t760 Firmware
Unisoc t606
Unisoc sc7731e
Unisoc t820
CVSS v2 : unknown
v3 : 5.1 		v2 : unknown
v3 : 4.4
References () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - () https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - Vendor Advisory
CWE CWE-787

01 Jul 2024, 12:37

Type Values Removed Values Added
Summary
  • (es) En un servicio trusty, existe una posible escritura fuera de los límites debido a una verificación de los límites faltante. Esto podría provocar una denegación de servicio local con privilegios de ejecución de System necesarios.

01 Jul 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-01 09:15

Updated : 2024-11-21 09:27

NVD link : CVE-2024-39427

Mitre link : CVE-2024-39427

CVE.ORG link : CVE-2024-39427

JSON object : View

Products Affected

unisoc

  • sc7731e
  • s8000
  • t820
  • t310
  • sc9832e
  • t618
  • t612
  • t770
  • t760
  • t616
  • sc9863a
  • t606
  • t610

google

  • android
CWE
CWE-787

Out-of-bounds Write


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024