In SensorService::isDataInjectionEnabled of frameworks...
Moderate severity
Unreviewed
Published
Nov 28, 2024
to the GitHub Advisory Database
•
Updated Nov 30, 2024
Description
Published by the National Vulnerability Database
Nov 27, 2024
Published to the GitHub Advisory Database
Nov 28, 2024
Last updated
Nov 30, 2024
In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References