CVE-2024-6287

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-682
View all →

Vulnerability Description

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite an already loaded image partly or completely, which could result in code execution and bypass of secure boot.

Related Vulnerabilities

CVE-2017-0342

HIGH
CVSS:7.8(High)

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where incorrect calculation may cause an invalid address access leading to...

CWE-6822017

CVE-2017-0545

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High beca...

CWE-6822017

CVE-2017-0666

HIGH
CVSS:7.8(High)

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.

CWE-6822017

CVE-2017-0679

HIGH
CVSS:7.8(High)

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.

CWE-6822017

CVE-2017-13288

HIGH
CVSS:7.8(High)

In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This could lead to a local escalation of privilege where the user ca...

CWE-6822017

CVE-2017-9725

HIGH
CVSS:7.8(High)

In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed whe...

CWE-6822017