VDB
ASB-A-440544511
ASB-A-440544511
PUBLISHED
CVSS 8.600000381469727 HIGH
In tls_sw_recvmsg of tls_sw.c, there is a possible use after free due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | :linux_kernel: | :0, :0, * |
Timeline
- Mar 1, 2026 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2026-03-01 advisory
- https://android.googlesource.com/kernel/common/+/2902c3ebcca52ca845c03182000e8d71d3a5196f patch
- https://android.googlesource.com/kernel/common/+/74715c47d57ccbff2f2f00bb9d87288e10642325 patch
- https://android.googlesource.com/kernel/common/+/3439c15ae91a517cf3c650ea15a8987699416ad9 patch