CVE-2024-47029

5.5 MEDIUM

📋 TL;DR

This vulnerability allows local attackers to read memory beyond intended boundaries in Android's Trusty TEE shared memory manager. It could disclose sensitive information from the Trusted Execution Environment without requiring user interaction. It affects Android devices with vulnerable Trusty implementations.

💻 Affected Systems

Products:
  • Android with Trusty TEE implementation
Versions: Android versions prior to October 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects Pixel devices and potentially other Android devices using similar Trusty implementations.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Disclosure of cryptographic keys, authentication tokens, or other sensitive data stored in Trusty TEE memory, potentially enabling further attacks.

🟠 Likely Case: Limited information disclosure from adjacent memory regions, possibly exposing non-critical system data or application information.

🟢 If Mitigated: No impact if patched; otherwise, minimal risk with proper isolation and defense-in-depth controls.

🌐 Internet-Facing: LOW - Requires local access to device, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local attackers or malicious apps could exploit this to gain information from the TEE.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to interact with Trusty shared memory interface. No authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: October 2024 Android security patch level

Vendor Advisory: https://source.android.com/security/bulletin/pixel/2024-10-01

Restart Required: Yes

Instructions:

1. Apply October 2024 Android security patch via Settings > System > System update.
2. Reboot device after update completes.
3. Verify patch level in Settings > About phone > Android version.

🔧 Temporary Workarounds

No effective workarounds

This is a kernel-level vulnerability requiring patching. No configuration changes can mitigate it.

🧯 If You Can't Patch

  • Restrict physical access to devices and implement strict app vetting policies
  • Monitor for unusual Trusty TEE activity or memory access patterns

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level in Settings > About phone. If it is earlier than October 2024, the device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 'October 5, 2024' or later in Settings > About phone > Android version.
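The check above can be scripted for several devices at once. The following is an added example, not part of the original advisory: it classifies the value of ro.build.version.security_patch using the two dates this page gives (before October 2024 is vulnerable, 2024-10-05 or later is fixed). The function names, the UNCONFIRMED label for levels between those dates, and the script name in the comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify an Android security patch level for CVE-2024-47029.
# Thresholds come from the page: before October 2024 = vulnerable,
# 2024-10-05 or later = fix verified. Levels in between are reported separately.

FIXED_LEVEL=20241005      # "October 5, 2024" from the page
OCTOBER_START=20241001    # first day of the October 2024 patch month

# patch_status <YYYY-MM-DD> -> prints VULNERABLE, UNCONFIRMED, PATCHED or UNKNOWN
patch_status() {
    lvl=$(printf '%s' "$1" | tr -d '\r ')   # adb output may carry a trailing CR
    case "$lvl" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;          # empty, error text, odd format
    esac
    # Turn YYYY-MM-DD into the integer YYYYMMDD for a numeric comparison
    y=${lvl%%-*}; rest=${lvl#*-}; m=${rest%%-*}; d=${rest#*-}
    n="$y$m$d"
    if [ "$n" -ge "$FIXED_LEVEL" ]; then
        echo PATCHED
    elif [ "$n" -ge "$OCTOBER_START" ]; then
        echo UNCONFIRMED
    else
        echo VULNERABLE
    fi
}

# Walk every device adb reports as online and print serial, level and status.
check_connected_devices() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        # </dev/null keeps adb from swallowing the rest of the serial list
        lvl=$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)
        printf '%s\t%s\t%s\n' "$serial" "$(printf '%s' "$lvl" | tr -d '\r')" "$(patch_status "$lvl")"
    done
}

# Query attached devices only when asked, e.g. sh check_patch.sh --devices
# (check_patch.sh is a hypothetical file name)
if [ "${1:-}" = "--devices" ]; then
    check_connected_devices
fi
```

Devices reported as UNCONFIRMED or UNKNOWN need a manual look in Settings > About phone > Android version.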

📡 Detection & Monitoring

Log Indicators:

  • Unusual Trusty shared memory access patterns
  • Kernel logs showing out-of-bounds memory reads

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="android_kernel" AND ("trusty" OR "shared_memory") AND ("out_of_bounds" OR "bounds_check")
