CVE-2024-43767 — Code Injection in External Skia

CWE-94 — Code Injection CWE-120 — Classic Buffer Overflow CWE-601 — Open Redirect7 documents7 sources

Severity

8.8HIGHNVD

EPSS

1.8%

top 17.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Platform External Skia Google Android

Timeline

PublishedJan 3

Latest updateAug 23

Description

In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶Androidplatform/external_skia12:0 — 12:2024-12-01+3

▶CVEListV5google/android5 versions+4

▶NVDgoogle/android5 versions+4

🔴Vulnerability Details

GHSA

Liferay Portal allows open redirect in /c/portal/edit_info_item parameter redirect↗2025-08-23

▶

GHSA

GHSA-q7cq-v47g-g2v2: In prepare_to_draw_into_mask of SkBlurMaskFilterImpl↗2025-01-03

▶

CVEList

CVE-2024-43767: In prepare_to_draw_into_mask of SkBlurMaskFilterImpl↗2025-01-02

▶

OSV

CVE-2024-43767: In prepare_to_draw_into_mask of SkBlurMaskFilterImpl↗2024-12-01

▶

📋Vendor Advisories

Android

CVE-2024-43767: Android Security Bulletin 2024-12-01 CVE: CVE-2024-43767 Severity: HIGH Type: RCE Affected AOSP versions: 12, 12L, 13, 14, 15 References: A-352631932↗2024-12-01

▶

Debian

CVE-2024-43767: libskia - In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible he...↗2024

▶