CVE-2022-20162
CVE-2022-20162 is an information-disclosure flaw in the Android kernel’s crypto/asn1.c, specifically in the function asn1_p256_int, where an incorrect bounds check allows an out-of-bounds read. The impact is local information disclosure with system privileges required; exploitation requires no us...