CVE-2024-20051 — Google Android vulnerability

3 documents3 sources

Severity

2.3LOWNVD

EPSS

0.0%

top 97.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Android Linuxfoundation Yocto Openwrt +1 more

Timeline

PublishedApr 1

Description

In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LExploitability: 0.8 | Impact: 1.4

Affected Packages4 packages

▶NVDgoogle/android12.0, 13.0, 14.0+2

▶NVDopenwrt/openwrt19.07.0, 21.02.0+1

▶NVDrdkcentral/rdk-b2022q3

▶NVDlinuxfoundation/yocto3.3

🔴Vulnerability Details

GHSA

GHSA-q9w5-9j33-5prx: In flashc, there is a possible system crash due to an uncaught exception↗2024-04-01

▶

CVEList

CVE-2024-20051: In flashc, there is a possible system crash due to an uncaught exception↗2024-04-01

▶