CVE-2024-31314
Vulnerability from cvelistv5
Published
2024-07-09 20:09
Modified
2024-08-19 15:20
Severity
Summary
In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:52:56.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/c0d5f75e01308fb7d6d86639a0a6e2ff81b30be6"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2024-06-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31314",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T15:19:58.491082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T15:20:06.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T20:09:15.683Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/c0d5f75e01308fb7d6d86639a0a6e2ff81b30be6"
},
{
"url": "https://source.android.com/security/bulletin/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2024-31314",
"datePublished": "2024-07-09T20:09:15.683Z",
"dateReserved": "2024-03-29T20:11:33.058Z",
"dateUpdated": "2024-08-19T15:20:06.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-31314\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2024-07-09T21:15:13.020\",\"lastModified\":\"2024-07-11T13:06:13.187\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\"},{\"lang\":\"es\",\"value\":\"En m\u00faltiples funciones de ShortcutService.java, existe una posible DOS persistente debido al agotamiento de recursos. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://android.googlesource.com/platform/frameworks/base/+/c0d5f75e01308fb7d6d86639a0a6e2ff81b30be6\",\"source\":\"security@android.com\"},{\"url\":\"https://source.android.com/security/bulletin/2024-06-01\",\"source\":\"security@android.com\"}]}}"
}
}
Loading...