Lucene search
Google_androidVULNRICHMENT:CVE-2024-0023HistoryFeb 16, 2024 - 7:36 p.m.
CVE-2024-0023
2024-02-1619:36:25
google_android
github.com
convertrgbtoplanaryuv
codec2bufferutils
out of bounds write
local escalation
privilege
no user interaction
In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12.0l:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"
],
"vendor": "google",
"product": "android",
"versions": [
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "12.0l"
},
{
"status": "affected",
"version": "13.0"
},
{
"status": "affected",
"version": "14.0"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2024-0023
2024-02-16 20:15:47
prion
prion
Out-of-bounds
2024-02-16 20:15:00
cvelist
cvelist
CVE-2024-0023
2024-02-16 19:36:25
osv
osv
nvd
nvd
CVE-2024-0023
2024-02-16 20:15:47
AI Score
7.2
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-0023