More information about this CVE will likely be available in a few days

Description

In ensureFileColumns of MediaProvider.java, there is a possible disclosure of files owned by another user due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Related CPE's

Could not find any relations

References

https://android.googlesource.com/platform/packages/providers/MediaProvider/+/7a1cbf5a8e17e6bff7c835fdd30dcc42b681db0a

https://source.android.com/security/bulletin/2024-07-01

Weaknesses

Could not find any weaknesses

CVSS impact metrics

Could not find any metrics

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2024-07-09T21:15:14.277

3 months ago

Last modified

2024-07-11T13:05:54.930

3 months ago