CVE-2022-20154
Description
In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel
CvssV3 impact
Could not find any metrics
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | PARTIAL |
AvailabilityImpact | PARTIAL |
IntegrityImpact | PARTIAL |
BaseScore | 4.400000095367432 |
VectorString | AV:L/AC:M/Au:N/C:P/I:P/A:P |
Version | 2.0 |
AccessVector | LOCAL |
Authentication | NONE |