CVE-2024-34738
https://notcve.org/view.php?id=CVE-2024-34738
In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/frameworks/base/+/21d764807b3dcd402d63e2b4c9fbae1c9965400a https://source.android.com/security/bulletin/2024-08-01 •
CVE-2024-34737
https://notcve.org/view.php?id=CVE-2024-34737
In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.java, there is a possible way to generate unmovable and undeletable pip windows due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/frameworks/base/+/8b473b3f79642f42eeeffbfe572df6c6cbe9d79e https://source.android.com/security/bulletin/2024-08-01 •
CVE-2024-34736
https://notcve.org/view.php?id=CVE-2024-34736
In setupVideoEncoder of StagefrightRecorder.cpp, there is a possible asynchronous playback when B-frame support is enabled. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/frameworks/av/+/6cfd048292b2cc706811a22c9078208cfa8e6d24 https://source.android.com/security/bulletin/2024-08-01 •
CVE-2024-34734
https://notcve.org/view.php?id=CVE-2024-34734
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/frameworks/base/+/207584fb6f820eba14251251d7e9331bfd57adb8 https://source.android.com/security/bulletin/2024-08-01 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2024-34731
https://notcve.org/view.php?id=CVE-2024-34731
In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/frameworks/av/+/4b68b00993849b6a7f0e6d075bc2c8bb2e184e61 https://android.googlesource.com/platform/hardware/interfaces/+/0ff19d1f89614fce9454fb415bcbfcbcf3caf76e https://android.googlesource.com/platform/hardware/interfaces/+/d63d09261806f7f1aa01406867f2a9e169356fca https://android.googlesource.com/platform/system/nfc/+/1037992b9abcde1e3560bd895f62644a68563b3d https://android.googlesource.com/platform/system/security/+/d3805312d73433e34ef69a645b553a2969c5dc93 https://source.android.com/security/bulletin/2024-08-01 • CWE-368: Context Switching Race Condition •