CVE-2024-40660 – Android SurfaceFlinger Local Escalation of Privilege

11月 13, 2024
7:16 pm

CVE ID : CVE-2024-40660

Published : Nov. 13, 2024, 6:15 p.m. | 1 hour ago

Description : In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-40660 – Android SurfaceFlinger Local Escalation of Privilege

Elvescore.io

Recent Posts

CVE-2024-12962 – Code-Projects Job Recruitment SQL Injection Vulnerability

CVE-2024-54907 – TOTOLINK A3002R Remote Code Execution Vulnerability in boa FormWsc Handler

CVE-2024-12960 – Apache MCA 1.0 SQL Injection Vulnerability

CVE-2024-12961 – Apache MCA Portfolio Management System SQL Injection Vulnerability

CVE-2024-12908 – Delinea Secret Server Regular Expression Injection Vulnerability

CVE-2024-12958 – RPost MCA SQL Injection Vulnerability

CVE-2024-40660 – Android SurfaceFlinger Local Escalation of Privilege

CVE-2024-40660 – Android SurfaceFlinger Local Escalation of Privilege