VDB
ASB-A-439862698
ASB-A-439862698
PUBLISHED
In __do_ffa_mem_xfer of ffa.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | :linux_kernel: | :0, Kernel, :0 |
Exploit Intelligence
- 4081.3.7.yml (github-poc)
Timeline
- Mar 1, 2026 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2026-03-01 advisory
- https://android.googlesource.com/kernel/common/+/c562f4013ec6771ede259cbec802c85dfdfdf00e patch
- https://android.googlesource.com/kernel/common/+/a45fbd0b57716dd1cc1dd5cfcf7a2756afcbc263 patch
- https://android.googlesource.com/kernel/common/+/8cb652476b6303efe2584d38be8b20a84c141f95 patch