ГлавнаяУязвимости → CVE-2024-23716
7высокая

CVE-2024-23716

Описание

In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Затрагиваемое ПО
Google Android
CVSS
Балл7 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://source.android.com/security/bulletin/2024-09-01