Back

CVE-2024-0024

May 7, 2024, 9:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Android

Source

security@android.com

Tags

2024-05-07
security@android.com
CVE-2024-0024

CVE-2024-0024 details

Published : May 7, 2024, 9:15 p.m.
Last Modified : May 7, 2024, 9:15 p.m.

Description

In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://android.googlesource.com/platform/frameworks/base/+/6a9250ec7fc9801a883cedd7860076f42fb518ac security@android.com
https://source.android.com/security/bulletin/2024-05-01 security@android.com
This website uses the NVD API, but is not approved or certified by it.