CVE-2024-0041

Cyber Sec — Sun, 09 Jun 2024 03:23:37 +0000

Description

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional execution privileges needed. User interaction is not needed for exploitation.

References

MISC:https://android.googlesource.com/platform/frameworks/base/+/d6f7188773409c8f5ad5fc7d3eea5b1751439e26
URL:https://android.googlesource.com/platform/frameworks/base/+/d6f7188773409c8f5ad5fc7d3eea5b1751439e26
MISC:https://source.android.com/security/bulletin/2024-02-01
URL:https://source.android.com/security/bulletin/2024-02-01

CVE-2024-0041 - Common Vulnerabilities and Exposures

CVE-2024-0041