github - ghsa-3p58-r886-3jr6

ghsa-3p58-r886-3jr6

Vulnerability from github

Published

2024-04-05 21:32

Modified

2024-04-05 21:32

Details

In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-29755"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-05T20:15:08Z",
    "severity": null
  },
  "details": "In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-3p58-r886-3jr6",
  "modified": "2024-04-05T21:32:44Z",
  "published": "2024-04-05T21:32:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29755"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2024-04-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-29755

Vulnerability from cvelistv5

Published

2024-04-05 20:02

Modified

2024-08-02 01:10

Severity

Summary

In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

URL	Tags
https://source.android.com/security/bulletin/pixel/2024-04-01

Impacted products

Vendor	Product
Google	Android

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-29755",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-16T19:48:16.178822Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-16T19:48:23.694Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:10:55.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2024-04-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-05T20:02:17.440Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2024-04-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2024-29755",
    "datePublished": "2024-04-05T20:02:17.440Z",
    "dateReserved": "2024-03-19T15:05:26.955Z",
    "dateUpdated": "2024-08-02T01:10:55.596Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.