VDB
CISA-2022-20598
CISA-2022-20598
PUBLISHED
CVSS 7.8 HIGH
Reported by google_android · Published December 16, 2022
In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A
Risk Scores
CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Android | Android kernel |
| n/a | Android | Android kernel, Android kernel |
Timeline
- Dec 16, 2022 CVE Published
- Apr 18, 2025 CVE Updated