CVE-2024-22005

State: PUBLISHED · Published: 2024-03-11 · Updated: 2024-08-27 · Assigner: Google_Devices

Description

there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE

CWE-787 — CWE-787 Out-of-bounds Write

Affected

Google / Android — v=13 [affected]

CVSS

(none)

References

https://source.android.com/security/bulletin/pixel/2024-03-01

Source

cvelistV5-main/cves/2024/22xxx/CVE-2024-22005.json