CVE-2024-47020
https://notcve.org/view.php?id=CVE-2024-47020
N/A Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488. • https://source.android.com/security/bulletin/pixel/2024-10-01 •
CVE-2024-47019
https://notcve.org/view.php?id=CVE-2024-47019
In ProtocolEmbmsSaiListAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-125: Out-of-bounds Read •
CVE-2024-47018
https://notcve.org/view.php?id=CVE-2024-47018
In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-125: Out-of-bounds Read •
CVE-2024-47017
https://notcve.org/view.php?id=CVE-2024-47017
In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-416: Use After Free •
CVE-2024-47016
https://notcve.org/view.php?id=CVE-2024-47016
there is a possible privilege escalation due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/pixel/2024-10-01 • CWE-276: Incorrect Default Permissions •