CVE-2024-27232 Information

Description

In asn1_ec_pkey_parse of asn1_common.c there is a possible OOB read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Reference

https://source.android.com/security/bulletin/pixel/2024-04-01