CVE-2024-29740
📋 TL;DR
CVE-2024-29740 is an out-of-bounds write vulnerability in the tmu_set_table function of tmu.c in Android's kernel. This allows local attackers to escalate privileges without user interaction or additional execution privileges. The vulnerability affects Google Pixel devices running vulnerable Android versions.
💻 Affected Systems
- Google Pixel smartphones
📦 What is this software?
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with root privileges, allowing attackers to install persistent malware, access all user data, and bypass security controls.
Likely Case
Local privilege escalation enabling attackers to gain elevated permissions, potentially leading to data theft, surveillance, or further system exploitation.
If Mitigated
Limited impact if devices are fully patched, run SELinux in enforcing mode, and follow Android security best practices with minimal local attack surface.
🎯 Exploit Status
Exploitation requires local access but no user interaction. The vulnerability is in kernel code, making exploitation more complex than user-space vulnerabilities.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Android security patch level April 2024 or later
Vendor Advisory: https://source.android.com/security/bulletin/pixel/2024-04-01
Restart Required: Yes
Instructions:
1. Check current security patch level in Settings > About phone > Android version.
2. If patch level is before April 2024, go to Settings > System > System update.
3. Download and install the latest security update.
4. Restart the device after installation completes.
🔧 Temporary Workarounds
Disable unnecessary local services
Reduce local attack surface by disabling unused apps and services that could be used as entry points.
Enable Google Play Protect
Ensure Google Play Protect is active to detect and prevent malicious apps that might exploit this vulnerability.
🧯 If You Can't Patch
- Restrict physical access to devices and implement strict app installation policies
- Monitor for suspicious privilege escalation attempts using Android security logging
🔍 How to Verify
Check if Vulnerable:
Check Settings > About phone > Android version > Security patch level. If the date is before April 2024, the device is vulnerable.
Check Version:
Settings > About phone > Android version
Verify Fix Applied:
After updating, verify Settings > About phone > Android version shows security patch level April 2024 or later.
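The same patch-level check can be scripted across several devices. This is an added example, not part of the original advisory: it assumes the level is read over adb from the standard Android property `ro.build.version.security_patch`, and the device serials in the sample inventory are constructed.

```shell
#!/bin/sh
# Added example: classify Android security patch levels against the
# "April 2024 or later" threshold stated on this page.
FIXED_YYYYMM=202404   # from the page: patch level April 2024 or later

# patch_status YYYY-MM-DD -> prints PATCHED, VULNERABLE or UNKNOWN
patch_status() {
    pl=$1
    case "$pl" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;   # empty or malformed: never assume patched
    esac
    year=${pl%%-*}                     # 2024-03-05 -> 2024
    rest=${pl#*-}                      # 2024-03-05 -> 03-05
    mon=${rest%%-*}                    # 03-05      -> 03
    if [ "$year$mon" -lt "$FIXED_YYYYMM" ]; then
        echo VULNERABLE
    else
        echo PATCHED
    fi
}

# audit_inventory: reads "serial patch-level" lines on stdin and prints
# "serial patch-level status" for each device.
audit_inventory() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        echo "$serial ${level:-none} $(patch_status "$level")"
    done
}

# live_inventory: produces the same input lines from devices attached over adb.
# Use as: live_inventory | audit_inventory
live_inventory() {
    adb devices | awk 'NR>1 && $2=="device" {print $1}' | while read -r serial; do
        echo "$serial $(adb -s "$serial" shell getprop ro.build.version.security_patch | tr -d '\r')"
    done
}

# Constructed sample inventory (serials and levels are made up for illustration).
SAMPLE_INVENTORY='PIXEL-A 2024-03-05
PIXEL-B 2024-04-05
PIXEL-C 2024-06-05
PIXEL-D unknown'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
```

Devices reported as UNKNOWN should be checked by hand in Settings rather than treated as patched.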
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- SELinux denials for privilege escalation attempts
- Unexpected root access in system logs
Network Indicators:
- Unusual outbound connections from device after local compromise
SIEM Query:
source="android_logs" AND ("kernel panic" OR "segfault" OR "out of bounds")