CVE-2024-48336
- Source
- https://cve.org/CVERecord?id=CVE-2024-48336
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48336.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-48336
- Published
- 2024-11-04T18:15:05.027Z
- Modified
- 2026-04-12T11:14:32.639624Z
- Severity
-
- 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privileges to silently execute arbitrary code in the Magisk app and escalate privileges to root via a crafted package, aka Bug #8279. User interaction is not needed for exploitation.
- References
Affected packages
Git / github.com/topjohnwu/magisk
Affected ranges
- Type
- GIT
- Repo
- https://github.com/topjohnwu/magisk
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
canary-27005
canary-27006
v10
v7
v8
v9
manager-v5.*
manager-v5.8.2
manager-v5.8.3
manager-v5.9.0
manager-v5.9.1
manager-v6.*
manager-v6.0.0
manager-v6.0.1
manager-v6.1.0
manager-v7.*
manager-v7.0.0
manager-v7.1.0
manager-v7.1.1
manager-v7.3.0
manager-v7.3.1
manager-v7.3.2
manager-v7.3.4
manager-v7.3.5
manager-v7.4.0
manager-v7.5.0
manager-v7.5.1
manager-v8.*
manager-v8.0.0
manager-v8.0.1
manager-v8.0.2
manager-v8.0.3
manager-v8.0.4
manager-v8.0.5
manager-v8.0.6
manager-v8.0.7
v10.*
v10.1
v11.*
v11.0
v11.1
v11.5
v11.6
v12.*
v12.0
v13.*
v13.0
v13.1
v13.2
v13.3
v14.*
v14.0
v14.2
v14.3
v14.5
v14.6
v15.*
v15.0
v15.1
v15.2
v15.3
v15.4
v16.*
v16.0
v16.1
v16.2
v16.3
v16.4
v16.6
v16.7
v17.*
v17.0
v17.1
v17.2
v17.3
v18.*
v18.0
v18.1
v19.*
v19.0
v19.3
v19.4
v20.*
v20.0
v20.1
v20.2
v20.3
v20.4
v21.*
v21.0
v21.1
v21.2
v21.3
v21.4
v22.*
v22.0
v22.1
v23.*
v23.0
v24.*
v24.0
v24.1
v24.2
v24.3
v25.*
v25.0
v25.1
v25.2
v26.*
v26.0
v26.1
v26.2
v26.3
v26.4
v27.*
v27.0
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48336.json"
vanir_signatures_modified
"2026-04-12T11:14:32Z"
vanir_signatures
[
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 395.0,
"function_hash": "72116613464738985378492005673564804781"
},
"source": "https://github.com/topjohnwu/magisk/commit/c2eb6039579b8a2fb1e11a753cea7662c07bec02",
"id": "CVE-2024-48336-17365993",
"signature_type": "Function",
"target": {
"function": "install",
"file": "app/shared/src/main/java/com/topjohnwu/magisk/ProviderInstaller.java"
}
},
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"271302748090116704997226398093029057196",
"46949343717901107046691334759137754466",
"165786013411591125339127227260090336603",
"80814988501233857635143305039870665054",
"224740942548903968123671431217185881093",
"72707519580048014493916002148735777390"
]
},
"source": "https://github.com/topjohnwu/magisk/commit/c2eb6039579b8a2fb1e11a753cea7662c07bec02",
"id": "CVE-2024-48336-745a282f",
"signature_type": "Line",
"target": {
"file": "app/shared/src/main/java/com/topjohnwu/magisk/ProviderInstaller.java"
}
}
]