In copy_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205992503References: N/A
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2022-03-01 | Vendor Advisory |
Configurations
History
23 Mar 2022, 20:05
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-190 CWE-787 |
|
First Time |
Google
Google android |
|
CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
References | (MISC) https://source.android.com/security/bulletin/pixel/2022-03-01 - Vendor Advisory |
16 Mar 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-16 15:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-39732
Mitre link : CVE-2021-39732
CVE.ORG link : CVE-2021-39732
JSON object : View
Products Affected
- android