CVE-2024-39427

In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVSS v3.0 4.4 MEDIUM

4.4^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:google:android:12.0:::::::*
	cpe:2.3:o:google:android:13.0:::::::*
	cpe:2.3:o:google:android:14.0:::::::*

OR	cpe:2.3:h:unisoc:s8000:-:::::::*
	cpe:2.3:h:unisoc:sc7731e:-:::::::*
	cpe:2.3:h:unisoc:sc9832e:-:::::::*
	cpe:2.3:h:unisoc:sc9863a:-:::::::*
	cpe:2.3:h:unisoc:t310:-:::::::*
	cpe:2.3:h:unisoc:t606:-:::::::*
	cpe:2.3:h:unisoc:t610:-:::::::*
	cpe:2.3:h:unisoc:t612:-:::::::*
	cpe:2.3:h:unisoc:t616:-:::::::*
	cpe:2.3:h:unisoc:t618:-:::::::*
	cpe:2.3:h:unisoc:t760:-:::::::*
	cpe:2.3:h:unisoc:t770:-:::::::*
	cpe:2.3:h:unisoc:t820:-:::::::*

History

27 Aug 2024, 18:32

Type	Values Removed	Values Added
CPE	cpe:2.3:o:unisoc:sc7731e_firmware:-:::::::* cpe:2.3:o:unisoc:t616_firmware:-:::::::* cpe:2.3:o:unisoc:sc9832e_firmware:-:::::::* cpe:2.3:o:unisoc:t606_firmware:-:::::::* cpe:2.3:o:unisoc:t310_firmware:-:::::::* cpe:2.3:o:unisoc:t618_firmware:-:::::::* cpe:2.3:o:unisoc:t610_firmware:-:::::::* cpe:2.3:o:unisoc:t770_firmware:-:::::::* cpe:2.3:o:unisoc:s8000_firmware:-:::::::* cpe:2.3:o:unisoc:t612_firmware:-:::::::* cpe:2.3:o:unisoc:t760_firmware:-:::::::* cpe:2.3:o:unisoc:t820_firmware:-:::::::* cpe:2.3:o:unisoc:sc9863a_firmware:-:::::::*	cpe:2.3:o:google:android:14.0:::::::* cpe:2.3:o:google:android:13.0:::::::* cpe:2.3:o:google:android:12.0:::::::*
First Time		Google android Google

27 Aug 2024, 17:33

Type	Values Removed	Values Added
CPE		cpe:2.3:o:unisoc:sc7731e_firmware:-:::::::* cpe:2.3:o:unisoc:t616_firmware:-:::::::* cpe:2.3:h:unisoc:t310:-:::::::* cpe:2.3:o:unisoc:sc9832e_firmware:-:::::::* cpe:2.3:h:unisoc:t612:-:::::::* cpe:2.3:o:unisoc:t618_firmware:-:::::::* cpe:2.3:h:unisoc:sc9832e:-:::::::* cpe:2.3:h:unisoc:sc7731e:-:::::::* cpe:2.3:o:unisoc:t770_firmware:-:::::::* cpe:2.3:o:unisoc:s8000_firmware:-:::::::* cpe:2.3:o:unisoc:t760_firmware:-:::::::* cpe:2.3:h:unisoc:t610:-:::::::* cpe:2.3:h:unisoc:sc9863a:-:::::::* cpe:2.3:o:unisoc:t310_firmware:-:::::::* cpe:2.3:h:unisoc:t616:-:::::::* cpe:2.3:h:unisoc:t760:-:::::::* cpe:2.3:h:unisoc:t820:-:::::::* cpe:2.3:h:unisoc:s8000:-:::::::* cpe:2.3:o:unisoc:t606_firmware:-:::::::* cpe:2.3:h:unisoc:t618:-:::::::* cpe:2.3:h:unisoc:t606:-:::::::* cpe:2.3:h:unisoc:t770:-:::::::* cpe:2.3:o:unisoc:t612_firmware:-:::::::* cpe:2.3:o:unisoc:t610_firmware:-:::::::* cpe:2.3:o:unisoc:t820_firmware:-:::::::* cpe:2.3:o:unisoc:sc9863a_firmware:-:::::::*
First Time		Unisoc t820 Firmware Unisoc t610 Unisoc t310 Unisoc t612 Firmware Unisoc t770 Unisoc t820 Unisoc t310 Firmware Unisoc sc9863a Firmware Unisoc t610 Firmware Unisoc t618 Unisoc sc7731e Firmware Unisoc sc9832e Unisoc t770 Firmware Unisoc t612 Unisoc sc7731e Unisoc sc9863a Unisoc sc9832e Firmware Unisoc t760 Firmware Unisoc t606 Unisoc Unisoc t606 Firmware Unisoc t760 Unisoc s8000 Unisoc t616 Firmware Unisoc t618 Firmware Unisoc s8000 Firmware Unisoc t616
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.4
CWE		CWE-787
References	~~() https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 -~~	() https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762 - Vendor Advisory

01 Jul 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-01 09:15

Updated : 2024-08-27 18:32

NVD link : CVE-2024-39427

Mitre link : CVE-2024-39427

JSON object : View

Products Affected

unisoc

t820
t616
t310
t770
s8000
t606
t618
sc7731e
t610
t612
sc9863a
t760
sc9832e

google

android

CWE

CWE-787

Out-of-bounds Write

4.4 /10