CVE-2024-34747

In DevmemXIntMapPages of devicememserver.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android DevmemValidateFlags function out-of-bounds write vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an out-of-bounds write vulnerability, which stems from a lack of boundary checking in the DevmemValidateFlags function of the devicememserver.c file, which can be exploited by an attacker to caus...

CVE-2024-40671

CVE-2024-40671 affects DevmemIntChangeSparse2 in devicemem_server.c, with a missing permission check that could enable arbitrary code execution and local privilege escalation without user interaction. Public entries across multiple feeds (NVD, Red Hat, Vuln enrichment, and OSV) consistently descr...

CVE-2024-40671

In DevmemIntChangeSparse2 of devicememserver.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-34747

In DevmemXIntMapPages of devicememserver.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-34747

In DevmemXIntMapPages of devicememserver.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-340329532

In DevmemXIntMapPages of devicememserver.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-23716

In DevmemIntPFNotify of devicememserver.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-23716

In DevmemIntPFNotify of devicememserver.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Code injection

In DevmemIntMapPMR of devicememserver.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Race condition

In DevmemIntAcquireRemoteCtx of devicememserver.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21401

In DevmemIntChangeSparse of devicememserver.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21164

In DevmemIntMapPMR of devicememserver.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...