Integer Overflow Vulnerability in Android Framework by Google
CVE-2024-56191

8.4HIGH

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 10 March 2025

What is CVE-2024-56191?

A vulnerability exists within the Android framework that allows for a local escalation of privilege due to an integer overflow in the processing of scan results. Exploiting this vulnerability does not require any user interaction and can be executed without additional privileges. This poses a significant risk to devices running affected versions of the Android Framework, potentially allowing malicious entities to gain unauthorized access to sensitive system-level resources.

Affected Version(s)

Android unknown

References

https://source.android.com/docs/security/bulletin/pixel-w...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2025
Vulnerability Reserved
Dec 18, 2024