Google Android vulnerabilities

CVE-2024-34747 [HIGH] CWE-416 CVE-2024-34747: In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43088 [HIGH] CWE-862 CVE-2024-43088: In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission sett In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43080 [HIGH] CWE-502 CVE-2024-43080: In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to uns In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2024-43093 [HIGH] CWE-176 CVE-2024-43093: In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path fil In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2024-23715 [HIGH] CWE-787 CVE-2024-23715: In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43081 [HIGH] CWE-276 CVE-2024-43081: In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restrictio In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-40671 [HIGH] CWE-862 CVE-2024-40671: In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code e In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43087 [HIGH] CWE-862 CVE-2024-43087: In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hi In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

CVE-2024-34729 [HIGH] CVE-2024-34729: In multiple locations, there is a possible arbitrary code execution due to a logic error in the code In multiple locations, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-40660 [HIGH] CWE-276 CVE-2024-40660: In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display at In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-31337 [HIGH] CVE-2024-31337: In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper in In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43085 [HIGH] CWE-276 CVE-2024-43085: In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43090 [MEDIUM] CWE-862 CVE-2024-43090: In multiple locations, there is a possible cross-user image read due to a missing permission check. In multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.

CVE-2024-43082 [MEDIUM] CWE-125 CVE-2024-43082: In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due t In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43086 [MEDIUM] CWE-276 CVE-2024-43086: In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak account c In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak account credentials to a third party app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43084 [MEDIUM] CWE-1021 CVE-2024-43084: In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-43083 [MEDIUM] CWE-770 CVE-2024-43083: In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2024-20104 [HIGH] CWE-787 CVE-2024-20104: In da, there is a possible out of bounds write due to a missing bounds check. This could lead to loc In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.

CVE-2024-20109 [MEDIUM] CWE-787 CVE-2024-20109: In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.

CVE-2024-20115 [MEDIUM] CWE-787 CVE-2024-20115: In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036695; Issue ID: MSV-1713.