Updated: 2024-11-30 03:31:29.374866
Description:
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-160822094References: Upstream kernel
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | LOW | 1.9 |
CVSS Version 3.x | MEDIUM | 4.1 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 6 ELS | kernel | 2.6.32 | 4.1 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:03 | ||
CentOS 8.4 ELS | kernel | 4.18.0 | 4.1 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:03 | ||
CentOS 8.5 ELS | kernel | 4.18.0 | 4.1 | MEDIUM | Ignored | 2022-03-30 18:48:03 | ||
CloudLinux 6 ELS | kernel | 2.6.32 | 4.1 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:03 | ||
Oracle Linux 6 ELS | kernel | 2.6.32 | 4.1 | MEDIUM | Not Vulnerable | 2022-03-30 18:48:03 | ||
Ubuntu 16.04 ELS | linux | 4.4.0 | 4.1 | MEDIUM | Released | CLSA-2022:1667414297 | 2022-11-02 17:06:29 |