In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1021 |
Mon, 19 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Google
Google android |
|
Weaknesses | CWE-269 | |
CPEs | cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* | |
Vendors & Products |
Google
Google android |
|
Metrics |
cvssV3_1
|
Thu, 15 Aug 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2024-08-15T21:56:34.208Z
Updated: 2024-08-27T03:55:18.668Z
Reserved: 2024-05-07T20:40:55.717Z
Link: CVE-2024-34743
Vulnrichment
Updated: 2024-08-19T19:23:11.638Z
NVD
Status : Analyzed
Published: 2024-08-15T22:15:06.957
Modified: 2024-12-17T17:47:48.797
Link: CVE-2024-34743
Redhat
No data.