In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE ID: CVE-2024-29741
CVSS Base Severity: HIGH
CVSS Base Score: 7.8
Vendor: Google
Product: Android
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 1.45% (scored less or equal to compared to others)
EPSS Date: 2025-03-28 (when was this score calculated)
SSVC Exploitation: none
SSVC Technical Impact: total
SSVC Automatable: false