CVE-2024-20089Improper Check or Handling of Exceptional Conditions in Google Android

CWE-703Improper Check or Handling of Exceptional ConditionsCWE-754Improper Check for Unusual or Exceptional Conditions3 documents3 sources
Severity
7.5HIGHNVD
EPSS
2.3%
top 15.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google AndroidLinuxfoundation YoctoRdkcentral Rdk-b
Timeline
PublishedSep 2

Description

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDgoogle/android13.0, 14.0+1
NVDrdkcentral/rdk-b2022q3
NVDlinuxfoundation/yocto2.6, 3.3, 4.0+2

🔴Vulnerability Details

2
GHSA
GHSA-c2mc-mh9m-r94v: In wlan, there is a possible denial of service due to incorrect error handling2024-09-02
CVEList
CVE-2024-20089: In wlan, there is a possible denial of service due to incorrect error handling2024-09-02
CVE-2024-20089 — Google Android vulnerability | cvebase