CVE-2024-43091

Summary

In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Software

VendorProductVersion RangeStatus
GoogleAndroid15affected
GoogleAndroid14affected
GoogleAndroid13affected
GoogleAndroid12Laffected
GoogleAndroid12affected

Weaknesses

  • Remote code execution

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References