CVE-2024-31335

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue is related to a logic error in the code of DevmemIntChangeSparse2 in devicemem server.c. This error could lead to arbitrary code execution, resulting in local escalation of privilege in the kernel. No additional execution privileges are needed, and user interaction is not required for exploitation.

Recommendations For versions prior to the fixed version, consider restricting access to the devicemem server.c module to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.