In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.java, there is a possible way to generate unmovable and undeletable pip windows due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Fri, 16 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Google
Google android |
|
CPEs | cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:* cpe:2.3:o:google:android:12l:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Google
Google android |
|
Metrics |
cvssV3_1
|
Thu, 15 Aug 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.java, there is a possible way to generate unmovable and undeletable pip windows due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2024-08-15T21:56:32.112Z
Updated: 2024-08-16T14:31:21.499Z
Reserved: 2024-05-07T20:40:43.334Z
Link: CVE-2024-34737
Vulnrichment
Updated: 2024-08-16T14:22:23.542Z
NVD
Status : Awaiting Analysis
Published: 2024-08-15T22:15:06.467
Modified: 2024-08-19T13:00:23.117
Link: CVE-2024-34737
Redhat
No data.