CVE-2024-39434

In drm service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*

History

30 Sep 2024, 18:14

Type Values Removed Values Added
First Time Unisoc t610
Unisoc t770
Unisoc t618
Unisoc t606
Unisoc t820
Unisoc t760
Unisoc s8000
Unisoc
Google
Google android
Unisoc t612
Unisoc t616
References () https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 - () https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241 - Vendor Advisory
CWE CWE-125
CPE cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 6.2
v2 : unknown
v3 : 4.4

30 Sep 2024, 12:46

Type Values Removed Values Added
Summary
  • (es) En el servicio DRM, es posible que se produzca una lectura fuera de los límites debido a la falta de una comprobación de los límites. Esto podría provocar una denegación local del servicio, con privilegios de ejecución de System necesarios.

27 Sep 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-27 08:15

Updated : 2024-09-30 18:14


NVD link : CVE-2024-39434

Mitre link : CVE-2024-39434

CVE.ORG link : CVE-2024-39434


JSON object : View

Products Affected

unisoc

  • s8000
  • t820
  • t618
  • t612
  • t770
  • t760
  • t616
  • t606
  • t610

google

  • android
CWE
CWE-125

Out-of-bounds Read