Lucene search
HistoryAug 15, 2024 - 10:15 p.m.
CVE-2024-34727
cve-2024-34727
heap buffer overflow
remote information disclosure
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
25.9%
In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected configurations
Node
googleandroidMatch12.0
ORgoogleandroidMatch12.1
ORgoogleandroidMatch13.0
ORgoogleandroidMatch14.0
Related
vulnrichment
vulnrichment
CVE-2024-34727
2024-08-15 21:56:30
cve
cve
CVE-2024-34727
2024-08-15 22:15:06
osv
osv
a2dp_fuzz: Heap-buffer-overflow in sdpu_compare_uuid_with_attr
2024-08-01 00:00:00
cvelist
cvelist
CVE-2024-34727
2024-08-15 21:56:30
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
25.9%
Related for NVD:CVE-2024-34727