CVE-2024-29745
5.5MEDIUMthere is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for
Veröffentlicht: 4/5/2024Aktualisiert: 10/24/2025
CISA Bekannte Ausgenutzte Schwachstelle
Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.
Erforderliche Maßnahme:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fälligkeitsdatum:
2024-04-25
Beschreibung
there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
KI-AnalyseKI-gestützt
Betroffene Produkte
googleandroid
-
Referenzen
- https://source.android.com/security/bulletin/pixel/2024-04-01Vendor Advisory
- https://source.android.com/security/bulletin/pixel/2024-04-01Vendor Advisory
- https://twitter.com/GrapheneOS/status/1775306481622995226Third Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-29745US Government Resource