cve/2024/CVE-2024-20009.md

### [CVE-2024-20009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20009)
![](https://img.shields.io/static/v1?label=Product&message=MT6580%2C%20MT6739%2C%20MT6761%2C%20MT6762%2C%20MT6765%2C%20MT6779%2C%20MT6785%2C%20MT6789%2C%20MT6833%2C%20MT6835%2C%20MT6853%2C%20MT6853T%2C%20MT6855%2C%20MT6873%2C%20MT6877%2C%20MT6879%2C%20MT6883%2C%20MT6885%2C%20MT6886%2C%20MT6889%2C%20MT6895%2C%20MT6983%2C%20MT6985%2C%20MT8163%2C%20MT8167%2C%20MT8167S%2C%20MT8168%2C%20MT8173%2C%20MT8175%2C%20MT8176%2C%20MT8185%2C%20MT8188%2C%20MT8188T&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20Android%2012.0%2C%2013.0%2C%2014.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen)

### Description

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2024-20009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20009)`
			`![](https://img.shields.io/static/v1?label=Product&message=MT6580%2C%20MT6739%2C%20MT6761%2C%20MT6762%2C%20MT6765%2C%20MT6779%2C%20MT6785%2C%20MT6789%2C%20MT6833%2C%20MT6835%2C%20MT6853%2C%20MT6853T%2C%20MT6855%2C%20MT6873%2C%20MT6877%2C%20MT6879%2C%20MT6883%2C%20MT6885%2C%20MT6886%2C%20MT6889%2C%20MT6895%2C%20MT6983%2C%20MT6985%2C%20MT8163%2C%20MT8167%2C%20MT8167S%2C%20MT8168%2C%20MT8173%2C%20MT8175%2C%20MT8176%2C%20MT8185%2C%20MT8188%2C%20MT8188T&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20Android%2012.0%2C%2013.0%2C%2014.0%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen)`

			`### Description`

			`In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`