CVE-2024-40658
Publication date 11 September 2024
Last updated 11 September 2024
Ubuntu priority
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Status
Package | Ubuntu Release | Status |
---|---|---|
android-platform-frameworks-native | 24.04 LTS noble |
Not affected
|
22.04 LTS jammy |
Not affected
|
|
20.04 LTS focal |
Not affected
|
|
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Not affected
|
|
android-platform-tools | 24.04 LTS noble |
Not affected
|
22.04 LTS jammy |
Not affected
|
|
20.04 LTS focal | Not in release |