How severe is CVE-2024-47038?

CVE-2024-47038 has a CVSS v3 score of 7.8 (HIGH).

CVE-2024-47038

Name: android
Author: google

7.8HIGH

In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a possible outcof bounds write due to a missing bounds check. This could lead to localcescalation of privilege with no additional execution

Published: 12/18/2024Updated: 7/24/2025

Description

In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a possible outcof bounds write due to a missing bounds check. This could lead to localcescalation of privilege with no additional execution privileges needed. Usercinteraction is not needed for exploitation.

AI AnalysisPowered by AI

Affected Products

googleandroid

References

https://source.android.com/security/bulletin/pixel/2024-11-01
Vendor Advisory