CVE-2024-21460
published 2024-07-01CVE-2024-21460: Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
PriorityP425medium6.5CVSS 3.1
AVLACLPRLUINSCCHINAN
EPSS
0.10%
1.1th percentile
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-74rf-2vg8-wh2p: Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space
ghsa_unreviewed·2024-07-01
CVE-2024-21460 [HIGH] CWE-330 GHSA-74rf-2vg8-wh2p: Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
Android
CVE-2024-21460: Closed-source component
vendor_android·2024-07-01·CVSS 7.1
CVE-2024-21460 [HIGH] CVE-2024-21460: Closed-source component
Android Security Bulletin 2024-07-01
CVE: CVE-2024-21460
Severity: HIGH
Component: Closed-source component
References: A-318393435 *
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-07-01
Published