PT-2024-18740 · Unknown · Little Kernel
Published
2024-03-04
·
Updated
2025-02-10
·
CVE-2024-20832
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Little Kernel in bootloader versions prior to SMR Mar-2024 Release 1
Description
A heap overflow issue in Little Kernel in bootloader allows local privileged attackers to execute arbitrary code. This issue persists even after reboots and factory resets.
Recommendations
For versions prior to SMR Mar-2024 Release 1, update to SMR Mar-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting privileged access to the bootloader until a patch is applied.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Little Kernel