CVE-2024-0019: Bypassing Privacy Indicator for Active Microphone Recordings in AppOpsControllerImpl.java
The developers concerned with Android platform security must be aware of CVE-2024-0019, a vulnerability that allows a malicious app to hide the microphone privacy indicator
CVE-2024-0020: Potential Information Disclosure via Confused Deputy in Android NotificationSoundPreference
In this long-read post, we will discuss the entire concept of the recent CVE-2024-0020 vulnerability discovered in Android's NotificationSoundPreference.java file. We will
CVE-2024-0018 - Dangerous Out of Bounds Write in convertYUV420Planar16ToY410 of ColorConverter.cpp: Exploiting Heap Buffer Overflow for Local Privilege Escalation
Dear Readers,
In this post, we will discuss an alarming security vulnerability documented under the title CVE-2024-0018. This particular vulnerability, identified in convertYUV420Planar16ToY410 of ColorConverter.
CVE-2024-0021 - Logic Error in NotificationAccessConfirmationActivity.java Allows Work Profile Apps to Enable Notification Listener Services
----
Introduction
A local escalation of privilege vulnerability (CVE-2024-0021) has been discovered in the Android operating system. The issue arises from a logic error in
CVE-2024-0023: Analyzing Local Escalation of Privilege Vulnerability in ConvertRGBToPlanarYUV Function of Codec2BufferUtils.cpp
About a newly discovered local vulnerability in ConvertRGBToPlanarYUV function of Codec2BufferUtils.cpp, which could lead to local escalation of privilege without any user interaction.
Introduction
Episode
00:00:00
00:00:00