| Summary | In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. |
|---|---|
| Publication Date | Sept. 11, 2024, 9:15 a.m. |
| Registration Date | Sept. 11, 2024, 4 p.m. |
| Last Update | Nov. 5, 2024, 3:35 a.m. |
| Title | Google の Android における脆弱性 |
|---|---|
| Summary | Google の Android には、不特定の脆弱性が存在します。 |
| Possible impacts | サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。 |
| Publication Date | Sept. 11, 2024, midnight |
| Registration Date | Dec. 20, 2024, 3:26 p.m. |
| Last Update | Dec. 20, 2024, 3:26 p.m. |
| Android 14.0 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2024年12月20日] 掲載 |
Dec. 20, 2024, 3:26 p.m. |