CVE-2024-23716 Information

Description

In DevmemIntPFNotify of devicemem_server.c there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Reference

https://source.android.com/security/bulletin/2024-09-01