|
308561
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interactio…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-47028
|
2024-10-29 02:58 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308562
|
7.8 |
HIGH
Local
|
google
|
android
|
In sm_mem_compat_get_vmm_obj of lib/sm/shared_mem.c, there is a possible arbitrary physical memory access due to improper input validation. This could lead to local escalation of privilege with no ad…
|
NVD-CWE-noinfo
|
CVE-2024-47027
|
2024-10-29 02:58 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308563
|
7.8 |
HIGH
Local
|
google
|
android
|
In lwis_allocator_free of lwis_allocator.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges nee…
|
CWE-416
Use After Free
|
CVE-2024-47033
|
2024-10-29 02:57 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308564
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In TrustySharedMemoryManager::GetSharedMemory of ondevice/trusty/trusty_shared_memory_manager.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local inf…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47029
|
2024-10-29 02:57 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308565
|
5.5 |
MEDIUM
Local
|
google
|
android
|
there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47034
|
2024-10-29 02:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308566
|
7.8 |
HIGH
Local
|
google
|
android
|
In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed.…
|
CWE-416
Use After Free
|
CVE-2024-47017
|
2024-10-29 02:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308567
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Avoid overflow assignment in link_dp_cts
sampling_rate is an uint8_t but is assigned an unsigned int, and thus i…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-50016
|
2024-10-29 02:17 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308568
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: dax: fix overflowing extents beyond inode size when partially writing
The dax_iomap_rw() does two things in each iteration:…
|
NVD-CWE-noinfo
|
CVE-2024-50015
|
2024-10-29 02:13 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308569
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix access to uninitialised lock in fc replay path
The following kernel trace can be triggered with fstest generic/629 when…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50014
|
2024-10-29 02:12 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308570
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/hdcp: Check GSC structure validity
Sometimes xe_gsc is not initialized when checked at HDCP capability
check. Add gsc stru…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-49990
|
2024-10-29 01:42 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
