Описание
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
6.6 Medium
CVSS3
Дефекты
Связанные уязвимости
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out ...
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel
Уязвимость функции composite_dev_prepare() в модуле drivers/usb/gadget/function/f_accessory.c драйвера файловой системы USBFS ядра операционной системы Android (Android Common Kernel), позволяющая нарушителю повысить свои привилегии
EPSS
6.6 Medium
CVSS3