CVE-2024-39429 — Out-of-bounds Write in Technologies CO LTD Sc7731e Sc9832e Sc9863a T310 T606 T612 T616 T610 T618

CWE-787 — Out-of-bounds Write2 documents2 sources

Severity

6.2MEDIUMNVD

EPSS

0.0%

top 93.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Unisoc Technologies CO LTD Sc7731e Sc9832e Sc9863a T310 T606 T612 T616 T610 T618 Google Android

Timeline

PublishedJul 1

Description

In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.5 | Impact: 3.6

Affected Packages2 packages

▶NVDgoogle/android12.0

▶CVEListV5unisoc_technologies_co_ltd/sc7731e_sc9832e_sc9863a_t310_t606_t612_t616_t610_t618Android12

🔴Vulnerability Details

GHSA

GHSA-855m-rfwj-vwj6: In faceid servive, there is a possible out of bounds write due to a missing bounds check↗2024-07-01

▶