[Privesc in Android 9 and below]

2021-03-0100:00:00

Google

osv.dev

android

memory corruption

local escalation

EPSS

Percentile

5.1%

JSON

In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

android.googlesource.com/kernel/common/+/2bd81ced0685922df12f4be3338ea632805624e9

android.googlesource.com/kernel/common/+/3bb3f19d2f63a4c559645abef673a7ca25b149b7

android.googlesource.com/kernel/common/+/8f9138d6c464a60f37f1b293bc61ccbcce6210f6

android.googlesource.com/kernel/common/+/9290e39a55a98d1788f4d532333bd58b1acf0e10

android.googlesource.com/kernel/common/+/964d3c5a33b1f899a79f55741f9660b7ed2e9c83

android.googlesource.com/kernel/common/+/b89f039e8218beb29c06bb7e957c4eb57bbcdecc

android.googlesource.com/kernel/common/+/c2ab93b45b5cdc426868fb8793ada2cac20568ef

android.googlesource.com/kernel/common/+/df8ce9235e1d1e7d46904bfdbf715aa2c62c0b7e

source.android.com/security/bulletin/2021-03-01

EPSS

Percentile

5.1%

JSON

Related for OSV:ASB-A-176919394