Possible Use-After-Free Vulnerability in Devicemem_Server.c Could Lead to Local Escalation of Privilege
CVE-2024-23716
Currently unrated 🤨
Summary
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Version(s)
Android = Android SoC
Timeline
Vulnerability published.
Collectors
NVD DatabaseMitre Database