CVE-2024-29745

medium

Description

there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Exploits
More

https://thehackernews.com/2025/04/google-reports-75-zero-days-exploited.html

https://www.bleepingcomputer.com/news/security/serbian-police-used-cellebrite-zero-day-hack-to-unlock-android-phones/

https://thehackernews.com/2024/08/google-patches-new-android-kernel.html

https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/

https://source.android.com/security/bulletin/pixel/2024-04-01

Details

Source: Mitre, NVD

Published: 2024-04-05

Updated: 2024-11-29

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N