CVE-2024-29745

there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution...

Basic Information

CVE State: PUBLISHED
Reserved Date: March 19, 2024
Published Date: April 05, 2024
Last Updated: August 02, 2024
Vendor: Google
Product: Android
Description: there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS Scores

CVSS v3.1

5.5 - MEDIUM

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

SSVC Information

Exploitation: active
Technical Impact: partial

Exploit Status

Exploited in the Wild: Yes (added 2024-04-04 00:00:00 UTC) Source

References

https://source.android.com/security/bulletin/pixel/2024-04-01

Known Exploited Vulnerability Information

Source	Added Date
CISA	2024-04-04 00:00:00 UTC