CVE-2024-27236

HIGH Year: 2024
CVSS v3 Score
8.4
High
Weakness Type
CWE-843
View all →

Vulnerability Description

In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2024-5274

HIGH
CVSS:8.3(High)

Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CWE-8432024

CVE-2025-0291

HIGH
CVSS:8.3(High)

Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CWE-8432025

CVE-2019-6214

HIGH
CVSS:8.6(High)

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break ou...

CWE-8432019

CVE-2021-23434

HIGH
CVSS:8.6(High)

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular,...

CWE-8432021

CVE-2017-0037

HIGH
CVSS:8.1(High)

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows...

CWE-8432017

CVE-2020-36460

HIGH
CVSS:8.1(High)

An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type.

CWE-8432020