CVE-2024-34747

Published Nov 13, 2024

Last updated 2 days ago

Overview

Description: In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Source: security@android.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8.4
Impact score: 5.9
Exploitability score: 2.5
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-416

Hype score: Not currently trending

CVE-2024-34747 In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in … https://t.co/Jhsv830xdm
@CVEnew
13 Nov 2024
203 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References