VDB
ASB-A-210292376
ASB-A-210292376
PUBLISHED
CVSS 8.600000381469727 HIGH
In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | :linux_kernel: | Kernel, :0, Kernel |
Exploit Intelligence
Timeline
- Mar 1, 2022 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2022-03-01 advisory
- https://android.googlesource.com/kernel/common/+/b4604acd52a691c2fd33ad0a0fafb7cc19dee5de patch
- https://android.googlesource.com/kernel/common/+/53afb231f54a69d827b882fa282b30bb10cb08a5 patch
- https://android.googlesource.com/kernel/common/+/d3c17d5e271ab688cb117330ec85e125ebf24d88 patch