2 matches found
CVE-2024-49714
In avrcvendormsg of avrcopt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-49714
CVE-2024-49714 is an elevation-of-privilege vulnerability in the AVRCP vendor message path: in avrc_vendor_msg within avrc_opt.cc, a heap-buffer overflow can cause an out-of-bounds write. This enables local escalation on a paired device without extra privileges or user interaction. Exploitation i...