Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0492
Vulnerability from certfr_avis - Published: 2024-06-13 - Updated: 2024-06-13
De multiples vulnérabilités ont été découvertes dans Google Android et Pixel. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges. Google indique que la vulnérabilité CVE-2024-32896 est activement exploitée dans le cadre d'attaques ciblées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Pixel toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Pixel",
"vendor": {
"name": "Google",
"scada": false
}
}
},
{
"description": "Android toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-32897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32897"
},
{
"name": "CVE-2024-32903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32903"
},
{
"name": "CVE-2024-29778",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29778"
},
{
"name": "CVE-2024-32920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32920"
},
{
"name": "CVE-2023-43544",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43544"
},
{
"name": "CVE-2024-32918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32918"
},
{
"name": "CVE-2024-32914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32914"
},
{
"name": "CVE-2024-32922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32922"
},
{
"name": "CVE-2024-29784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29784"
},
{
"name": "CVE-2023-43555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43555"
},
{
"name": "CVE-2024-29785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29785"
},
{
"name": "CVE-2023-43537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43537"
},
{
"name": "CVE-2024-32895",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32895"
},
{
"name": "CVE-2024-32915",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32915"
},
{
"name": "CVE-2024-32916",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32916"
},
{
"name": "CVE-2024-32894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32894"
},
{
"name": "CVE-2024-29781",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29781"
},
{
"name": "CVE-2024-32911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32911"
},
{
"name": "CVE-2024-32891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32891"
},
{
"name": "CVE-2024-32909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32909"
},
{
"name": "CVE-2024-32930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32930"
},
{
"name": "CVE-2024-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29786"
},
{
"name": "CVE-2023-43543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43543"
},
{
"name": "CVE-2024-32893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32893"
},
{
"name": "CVE-2024-32896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32896"
},
{
"name": "CVE-2024-32923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32923"
},
{
"name": "CVE-2024-32899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32899"
},
{
"name": "CVE-2024-32910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32910"
},
{
"name": "CVE-2024-32917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32917"
},
{
"name": "CVE-2024-32912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32912"
},
{
"name": "CVE-2023-50803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50803"
},
{
"name": "CVE-2024-32908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32908"
},
{
"name": "CVE-2024-29780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29780"
},
{
"name": "CVE-2024-32901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32901"
},
{
"name": "CVE-2024-32904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32904"
},
{
"name": "CVE-2024-32925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32925"
},
{
"name": "CVE-2024-32924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32924"
},
{
"name": "CVE-2024-32898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32898"
},
{
"name": "CVE-2024-32902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32902"
},
{
"name": "CVE-2024-32906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32906"
},
{
"name": "CVE-2024-32921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32921"
},
{
"name": "CVE-2024-32907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32907"
},
{
"name": "CVE-2024-32913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32913"
},
{
"name": "CVE-2024-32892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32892"
},
{
"name": "CVE-2024-32900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32900"
},
{
"name": "CVE-2023-43545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43545"
},
{
"name": "CVE-2024-32926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32926"
},
{
"name": "CVE-2024-29787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29787"
},
{
"name": "CVE-2024-32905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32905"
},
{
"name": "CVE-2024-32919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32919"
}
],
"initial_release_date": "2024-06-13T00:00:00",
"last_revision_date": "2024-06-13T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0492",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android et Pixel. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\nGoogle indique que la vuln\u00e9rabilit\u00e9 CVE-2024-32896 est activement exploit\u00e9e dans le cadre d\u0027attaques cibl\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android et Pixel",
"vendor_advisories": [
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Pixel",
"url": "https://source.android.com/docs/security/bulletin/pixel/2024-06-01?hl=fr"
},
{
"published_at": "2024-06-03",
"title": "Bulletin de s\u00e9curit\u00e9 Android",
"url": "https://source.android.com/docs/security/bulletin/2024-06-01?hl=fr"
}
]
}
CVE-2024-32908 (GCVE-0-2024-32908)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:01 – Updated: 2024-08-02 02:20
VLAI
EPSS
Summary
In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"lessThan": "2024-06-05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T16:41:57.242903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-30T14:26:08.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:01:59.498Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32908",
"datePublished": "2024-06-13T21:01:59.498Z",
"dateReserved": "2024-04-19T15:00:32.963Z",
"dateUpdated": "2024-08-02T02:20:35.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32909 (GCVE-0-2024-32909)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:01 – Updated: 2024-08-02 02:20
VLAI
EPSS
Summary
In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pixel",
"vendor": "google",
"versions": [
{
"lessThan": "2024-06-01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:01:07.960386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T15:54:37.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:01:59.725Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32909",
"datePublished": "2024-06-13T21:01:59.725Z",
"dateReserved": "2024-04-19T15:00:32.963Z",
"dateUpdated": "2024-08-02T02:20:35.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32910 (GCVE-0-2024-32910)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:01 – Updated: 2025-03-13 13:27
VLAI
EPSS
Summary
In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information disclosure
- CWE-908 - Use of Uninitialized Resource
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T17:58:18.772746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T13:27:18.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, there is a possible stack data disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:01:59.881Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32910",
"datePublished": "2024-06-13T21:01:59.881Z",
"dateReserved": "2024-04-19T15:00:32.963Z",
"dateUpdated": "2025-03-13T13:27:18.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32911 (GCVE-0-2024-32911)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2024-09-06 23:00
VLAI
EPSS
Summary
There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Android |
Affected:
Android kernel
|
||
| android_kernel |
Affected:
android_kernel
cpe:2.3:a:google:android_kernel:android_kernel:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:android_kernel:android_kernel:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android_kernel",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "android_kernel"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:33:55.744857Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T23:00:06.219Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:00.108Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32911",
"datePublished": "2024-06-13T21:02:00.108Z",
"dateReserved": "2024-04-19T15:00:36.580Z",
"dateUpdated": "2024-09-06T23:00:06.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32912 (GCVE-0-2024-32912)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2025-03-20 14:13
VLAI
EPSS
Summary
there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Denial of service
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T15:07:31.179383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:13:52.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:00.263Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32912",
"datePublished": "2024-06-13T21:02:00.263Z",
"dateReserved": "2024-04-19T15:00:36.580Z",
"dateUpdated": "2025-03-20T14:13:52.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32913 (GCVE-0-2024-32913)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2024-08-19 13:40
VLAI
EPSS
Summary
In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Remote code execution
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T13:39:53.539389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T13:40:43.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:00.412Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32913",
"datePublished": "2024-06-13T21:02:00.412Z",
"dateReserved": "2024-04-19T15:00:36.581Z",
"dateUpdated": "2024-08-19T13:40:43.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32914 (GCVE-0-2024-32914)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2024-11-06 15:04
VLAI
EPSS
Summary
In tpu_get_int_state of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information disclosure
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32914",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T14:58:30.428612Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T15:04:00.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In tpu_get_int_state of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:00.561Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32914",
"datePublished": "2024-06-13T21:02:00.561Z",
"dateReserved": "2024-04-19T15:00:36.581Z",
"dateUpdated": "2024-11-06T15:04:00.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32915 (GCVE-0-2024-32915)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2024-11-04 17:12
VLAI
EPSS
Summary
In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information disclosure
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T16:48:21.412737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:12:33.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:00.728Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32915",
"datePublished": "2024-06-13T21:02:00.728Z",
"dateReserved": "2024-04-19T15:00:36.581Z",
"dateUpdated": "2024-11-04T17:12:33.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32916 (GCVE-0-2024-32916)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2024-12-06 17:58
VLAI
EPSS
Summary
In fvp_freq_histogram_init of fvp.c, there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information disclosure
- CWE-noinfo Not enough information
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T16:02:01.681442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T17:58:41.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In fvp_freq_histogram_init of fvp.c, there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:00.954Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32916",
"datePublished": "2024-06-13T21:02:00.954Z",
"dateReserved": "2024-04-19T15:12:10.954Z",
"dateUpdated": "2024-12-06T17:58:41.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32917 (GCVE-0-2024-32917)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:02 – Updated: 2024-08-15 15:34
VLAI
EPSS
Summary
In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Android |
Affected:
Android kernel
|
||
| android_kernel |
Affected:
android_kernel
cpe:2.3:a:google:android_kernel:android_kernel:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:android_kernel:android_kernel:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android_kernel",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "android_kernel"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:13:22.489316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:34:42.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:02:01.129Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-32917",
"datePublished": "2024-06-13T21:02:01.129Z",
"dateReserved": "2024-04-19T15:12:10.955Z",
"dateUpdated": "2024-08-15T15:34:42.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…