CVE-2024-34733 – Apache DRAM Arbitrary Code Execution Vulnerability

The following table lists the changes that have been made to the CVE-2024-34733 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jan. 28, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-190
  • New CVE Received by [email protected]

    Jan. 28, 2025

    Action Type Old Value New Value
    Added Description In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
    Added Reference https://source.android.com/security/bulletin/2024-10-01

نوشته های مشابه

CVE-2025-20094 – Microsoft Defense Platform Windows RCE (Shatter)

CVE-2025-23236 – Cisco Defense Platform Home Edition Buffer Overflow Elevates Privileges

CVE-2024-51547 – ABB ASPECT-Enterprise/NEXUS Series/MATRIX Series Hard-coded Credentials Vulnerability

CVE-2024-51450 – IBM Security Verify Directory Command Injection