CVE-2024-29743

7.7 HIGH

📋 TL;DR

CVE-2024-29743 is an out-of-bounds write vulnerability in the tmu_set_temp_lut function of tmu.c in Android's Pixel kernel. This allows local attackers to escalate privileges without user interaction or additional execution privileges. The vulnerability affects Google Pixel devices running vulnerable Android kernel versions.

💻 Affected Systems

Products:
  • Google Pixel devices
Versions: Android kernel versions before the April 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Pixel devices with vulnerable kernel builds. Requires local access to the device.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise with root privileges, enabling data theft, persistence, and lateral movement within the device.

🟠 Likely Case

Local privilege escalation allowing attackers to gain elevated permissions and bypass security controls.

🟢 If Mitigated

Limited impact with proper kernel hardening, SELinux policies, and timely patching.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring local access to exploit.
🏢 Internal Only: HIGH - Malicious apps or users with local access can exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access but no user interaction. Kernel exploitation typically requires specific knowledge of memory layout.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: April 2024 Android security patch or later

Vendor Advisory: https://source.android.com/security/bulletin/pixel/2024-04-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update.
2. Install the April 2024 or later security patch.
3. Reboot the device after installation.

🔧 Temporary Workarounds

Restrict app installations

Only install apps from trusted sources like Google Play Store to reduce risk of malicious apps exploiting the vulnerability.

Enable Google Play Protect

Ensure Google Play Protect is enabled to detect potentially harmful apps.

🧯 If You Can't Patch

  • Isolate affected devices from sensitive networks and data
  • Implement strict app installation policies and monitor for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level in Settings > About phone > Android version. If it is before April 2024, the device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows April 2024 or later in Settings > About phone > Android version.
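
A scripted form of the check above for several devices attached over adb, added here as an example and not taken from the vendor advisory. It assumes the property value has the form YYYY-MM-DD and compares only year and month against April 2024; the function names and the `--run` argument are made up for this example.

```shell
#!/bin/sh
# Added example: flag attached devices whose security patch level predates
# the April 2024 fix for CVE-2024-29743.
# Assumption: ro.build.version.security_patch is reported as YYYY-MM-DD.

FIXED_YM=202404   # April 2024, the fixed patch level named on this page

# patch_status <patch-level>: prints PATCHED, VULNERABLE or UNKNOWN.
patch_status() {
    # adb output can carry a trailing carriage return; drop it first.
    level=$(printf '%s' "$1" | tr -d '\r')
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;   # empty or malformed: do not guess
    esac
    ym=$(printf '%s' "$level" | cut -c1-4,6-7)   # 2024-03-05 -> 202403
    if [ "$ym" -ge "$FIXED_YM" ]; then
        echo PATCHED
    else
        echo VULNERABLE
    fi
}

# serials_from_listing: reads `adb devices` output on stdin and prints the
# serials in state "device" (skips the header, unauthorized and offline).
serials_from_listing() {
    awk '$2 == "device" { print $1 }'
}

# check_fleet: one tab-separated line per device: serial, level, status.
check_fleet() {
    adb devices | serials_from_listing | while read -r serial; do
        # </dev/null keeps adb from consuming the serial list on stdin.
        lvl=$(adb -s "$serial" shell getprop ro.build.version.security_patch \
              </dev/null | tr -d '\r')
        printf '%s\t%s\t%s\n' "$serial" "$lvl" "$(patch_status "$lvl")"
    done
}

# Query real devices only when asked to, so the functions can be sourced.
if [ "${1:-}" = "--run" ]; then
    check_fleet
fi
```

Devices reported as UNKNOWN returned no parseable patch level and need a manual check in Settings.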

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • SELinux denials for privilege escalation attempts
  • Abnormal process behavior in system logs

Network Indicators:

  • Unusual outbound connections from system processes

SIEM Query:

source="android_logs" AND (event_type="kernel_panic" OR process_name="tmu" OR privilege_escalation=true)
