Lucene search
Google_androidVULNRICHMENT:CVE-2024-0031HistoryFeb 16, 2024 - 12:08 a.m.
CVE-2024-0031
2024-02-1600:08:15
google_android
github.com
6
att_protocol
input validation
remote code execution
In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12l:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"
],
"vendor": "google",
"product": "android",
"versions": [
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13.0"
},
{
"status": "affected",
"version": "14.0"
}
],
"defaultStatus": "unknown"
}
]Related
osv
osv
nvd
nvd
CVE-2024-0031
2024-02-16 02:15:50
prion
prion
Design/Logic Flaw
2024-02-16 02:15:00
cvelist
cvelist
CVE-2024-0031
2024-02-16 00:08:15
cve
cve
CVE-2024-0031
2024-02-16 02:15:50
AI Score
7.9
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-0031