CVE-2024-56191Improper Preservation of Permissions in Google Android

CWE-281Improper Preservation of Permissions3 documents3 sources
Severity
8.4HIGHNVD
EPSS
0.0%
top 98.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedMar 10

Description

In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages1 packages

CVEListV5google/androidunknown

🔴Vulnerability Details

2
CVEList
CVE-2024-56191: In dhd_process_full_gscan_result of dhd_pno2025-03-10
GHSA
GHSA-4r5p-qqxr-3jgc: In dhd_process_full_gscan_result of dhd_pno2025-03-10
CVE-2024-56191 — Improper Preservation of Permissions | cvebase