PT-2024-26147 · Unknown · Activityclientcontroller.Java

Published: 2024-08-01 · Updated: 2024-12-17 · CVE-2024-34737

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

ActivityClientController.java (affected versions not specified)

Description

The issue is related to a logic error in the ensureSetPipAspectRatioQuotaTracker function of ActivityClientController.java. This error can lead to the generation of unmovable and undeletable picture-in-picture (pip) windows. As a result, it could allow for local escalation of privilege without requiring additional execution privileges. Notably, user interaction is not necessary for the exploitation of this issue.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

ASB-A-283103220
CVE-2024-34737

Affected Products

Activityclientcontroller.Java