CVE-2024-20054

In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID: ALPS08580200.

Published: Apr 1, 2024
Updated: Apr 2, 2024
CVE: CVE-2024-20054
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
linuxfoundation / yocto	2.6	2.6.x
linuxfoundation / yocto	3.3	3.3.x
rdkcentral / rdk-b	2022q3	2022q3.x
google / android	13.0	13.0.x
google / android	14.0	14.0.x
openwrt / openwrt	19.07.0	19.07.0.x
openwrt / openwrt	21.02.0	21.02.0.x

https://corp.mediatek.com/product-security-bulletin/April-2024

Vulnerability Database

289,697

CVE-2024-20054