VDB
CVE-2026-0115
CVE-2026-0115
PUBLISHED
CVSS 2.0999999046325684 LOW
In static long dev_send of tipc_dev_ql, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS 0.01% · 0.9th percentile
Risk Scores
CVSS 3.1
2.0999999046325684
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
0.01%
0.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | Android kernel, Android kernel | |
| android |
Exploit Intelligence
- https://source.android.com/security/bulletin/pixel/2025-03-01 (circl)
- https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01 (circl)
- https://source.android.com/docs/security/bulletin/2026/2026-03-01 (circl)
- ghost_report_20260113_010235.json (github-poc)
- ghost_report_20260113_010235.json (github-poc)
- ghost_report_20260113_010235.json (github-poc)
- ghost_report_20260113_010235.json (github-poc)
Timeline
- Mar 4, 2026 CVE Published
- Mar 11, 2026 EPSS Score
- Mar 12, 2026 EPSS Score
- Mar 13, 2026 EPSS Score
- Mar 14, 2026 EPSS Score
- Mar 15, 2026 EPSS Score
- Mar 16, 2026 EPSS Score
- Mar 17, 2026 EPSS Score
- Mar 18, 2026 EPSS Score
- Mar 19, 2026 EPSS Score
- Mar 20, 2026 EPSS Score
- Mar 21, 2026 EPSS Score
References
- https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01?hl=fr advisory
- https://source.android.com/docs/security/bulletin/2026/2026-03-01 vendor-advisory
- https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-0115 advisory
- https://source.android.com/security/bulletin/pixel/2026-03-01 url
- https://source.android.com/security/bulletin/pixel/2025-03-01 url