Login Sign Up

CVE-2024-40675

7.5 HIGH
Denial of Service

📋 TL;DR

This vulnerability in Android's Intent parsing allows an attacker to cause an infinite loop through specially crafted input, leading to denial of service. It affects Android devices and requires no user interaction or special privileges for exploitation.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to October 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: All Android devices with vulnerable versions are affected regardless of configuration.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Device becomes completely unresponsive requiring hard reboot, potentially causing data loss or corruption if critical processes are affected.

🟠

Likely Case

Individual apps or system components freeze or crash, requiring app restart or device reboot to restore functionality.

🟢

If Mitigated

Minimal impact with proper sandboxing and process isolation limiting the scope to individual components.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring app installation or local access, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Malicious apps or compromised internal apps could exploit this to disrupt device functionality.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to trigger Intent parsing with malicious input, typically through app installation or compromised app.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: October 2024 Android Security Patch or later

Vendor Advisory: https://source.android.com/security/bulletin/2024-10-01

Restart Required: No

Instructions:

1. Check for system updates in Settings > System > System update. 2. Install October 2024 or later security patch. 3. No reboot required for patch application.

🔧 Temporary Workarounds

Restrict app installations

all

Only install apps from trusted sources like Google Play Store to reduce risk of malicious apps exploiting this vulnerability.

🧯 If You Can't Patch

  • Implement strict app vetting and only allow installation of trusted applications
  • Monitor for app crashes or system freezes that could indicate exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check Android version and security patch level in Settings > About phone > Android version

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows October 2024 or later in Settings > About phone

📡 Detection & Monitoring

Log Indicators:

  • Excessive ANR (Application Not Responding) logs
  • System_server or app process stuck in loops
  • Watchdog timeout events

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="android_logs" AND (message="ANR" OR message="watchdog" OR message="not responding") AND process="system_server"

📊 Metadata

CVE ID: CVE-2024-40675
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-835
EPSS Score: 0.07% exploit probability (21.7th percentile)
Published: January 28, 2025
Last Updated: April 22, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-40675, you might also want to check these:

CVE-2021-42143 9.1

This vulnerability in Contiki-NG tinyDTLS allows remote attackers to cause denial of service and pot...

Same vulnerability type (CWE-835)
CVE-2026-25533 8.8

This vulnerability allows attackers to bypass multiple security layers in Enclave, a JavaScript sand...

Same vulnerability type (CWE-835)
CVE-2023-20083 8.6

A vulnerability in Cisco Firepower Threat Defense (FTD) Software's ICMPv6 inspection with Snort 2 al...

Same vulnerability type (CWE-835)