Vulnerability Description
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linuxfoundation | Yocto | 4.0 |
| Rdkcentral | Rdk-B | 2022q3 |
| Android | 12.0 | |
| Openwrt | Openwrt | 19.07.0 |
| Mediatek | Mt6781 | - |
| Mediatek | Mt6789 | - |
| Mediatek | Mt6835 | - |
| Mediatek | Mt6855 | - |
| Mediatek | Mt6878 | - |
| Mediatek | Mt6879 | - |
| Mediatek | Mt6880 | - |
| Mediatek | Mt6886 | - |
| Mediatek | Mt6890 | - |
| Mediatek | Mt6895 | - |
| Mediatek | Mt6897 | - |
| Mediatek | Mt6980 | - |
| Mediatek | Mt6983 | - |
| Mediatek | Mt6985 | - |
| Mediatek | Mt6989 | - |
| Mediatek | Mt6990 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-20104?
CVE-2024-20104 is a vulnerability with a CVSS score of 8.4 (HIGH). In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is neede...
How severe is CVE-2024-20104?
CVE-2024-20104 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-20104?
Check the references section above for vendor advisories and patch information. Affected products include: Linuxfoundation Yocto, Rdkcentral Rdk-B, Google Android, Openwrt Openwrt, Mediatek Mt6781.