In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
android.googlesource.com/kernel/common/+/2bd81ced0685922df12f4be3338ea632805624e9
android.googlesource.com/kernel/common/+/3bb3f19d2f63a4c559645abef673a7ca25b149b7
android.googlesource.com/kernel/common/+/8f9138d6c464a60f37f1b293bc61ccbcce6210f6
android.googlesource.com/kernel/common/+/9290e39a55a98d1788f4d532333bd58b1acf0e10
android.googlesource.com/kernel/common/+/964d3c5a33b1f899a79f55741f9660b7ed2e9c83
android.googlesource.com/kernel/common/+/b89f039e8218beb29c06bb7e957c4eb57bbcdecc
android.googlesource.com/kernel/common/+/c2ab93b45b5cdc426868fb8793ada2cac20568ef
android.googlesource.com/kernel/common/+/df8ce9235e1d1e7d46904bfdbf715aa2c62c0b7e
source.android.com/security/bulletin/2021-03-01