CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44096
https://notcve.org/view.php?id=CVE-2024-44096
there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-453: Insecure Default Variable Initialization •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44095
https://notcve.org/view.php?id=CVE-2024-44095
In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44094
https://notcve.org/view.php?id=CVE-2024-44094
In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44093
https://notcve.org/view.php?id=CVE-2024-44093
In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44092
https://notcve.org/view.php?id=CVE-2024-44092
In TBD of TBD, there is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-489: Active Debug Code •