CVE-2024-32922
https://notcve.org/view.php?id=CVE-2024-32922
In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation. En gpu_pm_power_on_top_nolock de pixel_gpu_power.c, existe un posible compromiso de la memoria protegida debido a un error lógico en el código. Esto podría llevar a una escalada local de privilegios a TEE sin necesidad de privilegios de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-32919
https://notcve.org/view.php?id=CVE-2024-32919
In lwis_add_completion_fence of lwis_fence.c, there is a possible escalation of privilege due to type confusion. ... En lwis_add_completion_fence de lwis_fence.c, existe una posible escalada de privilegios debido a una confusión de tipos. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-32892
https://notcve.org/view.php?id=CVE-2024-32892
In handle_init of goodix/main/main.c, there is a possible memory corruption due to type confusion. ... En handle_init de goodix/main/main.c, existe una posible corrupción de memoria debido a confusión de tipos. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-5843
https://notcve.org/view.php?id=CVE-2024-5843
Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity: Medium) La implementación inadecuada en Descargas en Google Chrome anterior a 126.0.6478.54 permitió a un atacante remoto ofuscar la interfaz de usuario de seguridad mediante un archivo malicioso. (Severidad de seguridad de Chromium: media) • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/333940412 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-5838
https://notcve.org/view.php?id=CVE-2024-5838
Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 126.0.6478.54 permitía a un atacante remoto realizar acceso a la memoria fuera de los límites a través de una página HTML manipulada. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/342522151 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •