CVE-2024-0041

Common Vulnerabilities and Exposures

Last Post by Cyber Sec 1 year ago

1 Posts

1 Users

0 Reactions

375 Views

RSS

Cyber Sec

(@cybersec)

Posts: 37

Eminent Member

Topic starter

Description

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional execution privileges needed. User interaction is not needed for exploitation.

References

MISC: https://android.googlesource.com/platform/frameworks/base/+/d6f7188773409c8f5ad5fc7d3eea5b1751439e26
URL: https://android.googlesource.com/platform/frameworks/base/+/d6f7188773409c8f5ad5fc7d3eea5b1751439e26
MISC: https://source.android.com/security/bulletin/2024-02-01
URL: https://source.android.com/security/bulletin/2024-02-01

Posted : 09/06/2024 8:53 am

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed