CVE-2024-29786

June 13, 2024, 9:15 p.m.

Tags

2024-06-13
dsap-vuln-management@google.com
CVE-2024-29786

Product(s) Impacted

UNKNOWN

Description

In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Weaknesses

Date

Published: June 13, 2024, 9:15 p.m.

Last Modified: June 13, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

dsap-vuln-management@google.com

References

https://source.android.com/security/bulletin/pixel/2024-06-01
dsap-vuln-management@google.com