VDB
ASB-A-396331793
ASB-A-396331793
PUBLISHED
CVSS 8.600000381469727 HIGH
In multiple functions of af_vsock.c, there is a possible way to cause a use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | :linux_kernel: | :0, Kernel, :0 |
Timeline
- Sep 1, 2025 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2025-09-01 advisory
- https://android.googlesource.com/kernel/common/+/9241eb16e35eb5fb700caf060ff0efb0e0a0fcd7 patch
- https://android.googlesource.com/kernel/common/+/50854473806ad532c32bdf23327823b860670849 patch
- https://android.googlesource.com/kernel/common/+/537268adf4cdb2b5ec905c01ffa919a71556ffa8 patch
- https://android.googlesource.com/kernel/common/+/e2647b0fb4204838e32275f85859b029dc9f36b4 patch
- https://android.googlesource.com/kernel/common/+/7f11cc02d9eeec5c0eca76ddfa5f5f1c3c6688f2 patch
- https://android.googlesource.com/kernel/common/+/cd0ebcd1757913ed6232b90203f586cd4b59de42 patch