CVE-2022-20377
CVE-2022-20377 affects Android’s keymaster_ipc.cpp, enabling an attacker to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This configuration flaw can lead to local elevation of privilege with no additional execution privileges required and without user interaction. Public r...