ASB-A-260821414 — Vulnetix

ASB-A-260821414 PUBLISHED

In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products

Vendor	Product	Versions
Android	:linux_kernel:	:0, Kernel, :0

Timeline

May 1, 2023 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2023-05-01 advisory
https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c patch
https://android.googlesource.com/kernel/common/+/984241bdc04f401c423005a52eb013b00e19358c patch

Open in Interactive Console →