Login Sign Up

CVE-2024-0050

7.8 HIGH

📋 TL;DR

This CVE describes an out-of-bounds write vulnerability in Android's SoftVideoDecoderOMXComponent that could allow local privilege escalation or code execution. The vulnerability requires no user interaction and no additional execution privileges to exploit. It affects Android devices running vulnerable versions of the media framework.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to March 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices using the vulnerable media framework component. All Android devices with unpatched versions are vulnerable.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker gains full system control through privilege escalation leading to complete device compromise.

🟠

Likely Case

Local app escapes sandbox to access other app data or system resources.

🟢

If Mitigated

Exploit fails due to existing security controls like SELinux or app sandboxing.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring local access to the device.
🏢 Internal Only: HIGH - Malicious apps or users with physical/network access could exploit this locally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

No user interaction needed but requires local access. Exploit development requires understanding of Android media framework.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: March 2024 Android Security Patch

Vendor Advisory: https://source.android.com/security/bulletin/2024-03-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > System update. 2. Install March 2024 security patch. 3. Reboot device after installation.

🔧 Temporary Workarounds

Disable vulnerable media components

android

Temporarily disable or restrict access to vulnerable media framework components

adb shell pm disable com.android.media
adb shell setenforce 1

🧯 If You Can't Patch

  • Restrict physical access to devices and implement strict app installation policies
  • Use Android Enterprise or MDM solutions to enforce security policies and app whitelisting

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version > Security patch level. If before March 2024, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 'March 5, 2024' or later in Settings > About phone.

📡 Detection & Monitoring

Log Indicators:

  • Media framework crashes in logcat
  • SELinux denials related to media components
  • Unexpected privilege escalation attempts

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="android_logs" AND ("SoftVideoDecoderOMXComponent" OR "media framework crash")

📊 Metadata

CVE ID: CVE-2024-0050
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: March 11, 2024
Last Updated: December 16, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-0050, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)