In mm_GetMobileIdIndexForNsUpdate of mm_GmmPduCodec.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2024-10-01 | Vendor Advisory |
Configurations
History
28 Oct 2024, 13:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://source.android.com/security/bulletin/pixel/2024-10-01 - Vendor Advisory | |
CWE | CWE-787 | |
CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
Summary |
|
|
First Time |
Google android
|
25 Oct 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-276 |
25 Oct 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-25 11:15
Updated : 2024-10-28 13:58
NVD link : CVE-2024-47012
Mitre link : CVE-2024-47012
CVE.ORG link : CVE-2024-47012
JSON object : View
Products Affected
- android