CVE-2024-34733

HIGH Year: 2024
CVSS v3 Score
8.4
High
Weakness Type
CWE-190
View all →

Vulnerability Description

In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2017-13323

HIGH
CVSS:8.4(High)

In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional executio...

CWE-1902017

CVE-2018-9363

HIGH
CVSS:8.4(High)

In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for expl...

CWE-1902018

CVE-2021-1913

HIGH
CVSS:8.4(High)

Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrag...

CWE-1902021

CVE-2021-1949

HIGH
CVSS:8.4(High)

Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind...

CWE-1902021

CVE-2022-0185

HIGH
CVSS:8.4(High)

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivile...

CWE-1902022

CVE-2022-1754

HIGH
CVSS:8.4(High)

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.

CWE-1902022