CVE-2024-22004

Name of the Vulnerable Software and Affected Versions: Google Nest Wifi (affected versions not specified) Linux Nonsecure operating system (affected versions not specified)

Description: The issue is related to a length check that allows an attacker with privilege access to trigger a vulnerability. This can lead to the leakage of secure memory from the Trusted Application. Additionally, there is a buffer overflow operation in the Google Nest Wifi microprogram that can be exploited by a remote attacker, potentially impacting the confidentiality, integrity, and availability of protected information.

Recommendations: For Google Nest Wifi, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Linux Nonsecure operating system, consider restricting access to sensitive areas of the system until a patch is available. As a temporary workaround, consider disabling any functions related to the Trusted Application on the Linux Nonsecure operating system until a patch is available.