Android Kernel Remote Code Execution Vulnerability
Android — Kernel
- Added to KEV catalog
- 7 August 2024
- Federal remediation due date
- 28 August 2024
- Weakness classification (CWE)
- CWE-416
CISA Description
Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://source.android.com/docs/security/bulletin/2024-08-01, https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T/#u ; https://nvd.nist.gov/vuln/detail/CVE-2024-36971
More Android Vulnerabilities
Android Framework Integer Overflow Vulnerability
Android Framework Privilege Escalation Vulnerability
Android Framework Information Disclosure Vulnerability
Android Runtime Use-After-Free Vulnerability
Android Framework Privilege Escalation Vulnerability
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services