In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
References
| Link | Resource |
|---|---|
| https://android.googlesource.com/platform/packages/modules/Wifi/+/62f61e19524e9a55cadd1116c9448ff34b977e50 | Mailing List Patch |
| https://source.android.com/security/bulletin/2024-11-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
17 Dec 2024, 20:03
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://source.android.com/security/bulletin/2024-11-01 - Patch, Vendor Advisory | |
| References | () https://android.googlesource.com/platform/packages/modules/Wifi/+/62f61e19524e9a55cadd1116c9448ff34b977e50 - Mailing List, Patch | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| First Time |
Google android
|
|
| CWE | CWE-770 | |
| CPE | cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* |
13 Nov 2024, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-11-13 18:15
Updated : 2024-12-17 20:03
NVD link : CVE-2024-43083
Mitre link : CVE-2024-43083
JSON object : View
Products Affected
- android
CWE
CWE-770
Allocation of Resources Without Limits or Throttling