CVE-2024-47040Use After Free in Google Android

CWE-416Use After Free4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
0.2%
top 61.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedDec 18

Description

There is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Packages1 packages

CVEListV5google/androidAndroid Kernel

🔴Vulnerability Details

3
GHSA
GHSA-rf6v-wqgm-f86h: There is a possible UAF due to a logic error in the code2024-12-18
CVEList
Use After Free in the android.hardware.radio.sap.ISap/slot2 service2024-12-18
OSV
CVE-2024-47040: there is a possible UAF due to a logic error in the code2024-11-01
CVE-2024-47040 — Use After Free in Google Android | cvebase