Updated: 2026-02-27 01:42:59.969624
Description:
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android kernel
Android ID: A-112551163
References: Upstream kernel
Links: NIST, CIRCL, RHEL, Ubuntu

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 6.9 |
| CVSS Version 3.x | HIGH | 7.0 |

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.0 | HIGH | Already Fixed | | 2024-10-08 06:17:36 | |
| CentOS 6 ELS | kernel | 2.6.32 | 7.0 | HIGH | Not Vulnerable | | 2022-11-29 16:04:21 | Not affected: This CVE is scoped to the Android kernel’s IGMP implementation (Android ID A-1125511... |
| CentOS 7 ELS | kernel | 3.10.0 | 7.0 | HIGH | Released | CLSA-2024:1728935304 | 2024-10-25 01:03:26 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.0 | HIGH | Released | CLSA-2023:1683229770 | 2023-05-04 17:10:49 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.0 | HIGH | Released | CLSA-2023:1683146027 | 2023-05-04 17:10:49 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.0 | HIGH | Already Fixed | | 2024-10-14 03:41:03 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.0 | HIGH | Not Vulnerable | | 2022-11-29 16:04:21 | |
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.0 | HIGH | Ignored | | 2025-11-08 01:35:25 | CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo... |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.0 | HIGH | Not Vulnerable | | 2022-11-29 16:04:21 | Not affected: This CVE is scoped to the Android kernel’s IGMP implementation (Android ID A-1125511... |
| RHEL 7 ELS | kernel | 3.10.0 | 7.0 | HIGH | Released | CLSA-2025:1750353839 | 2025-06-20 04:45:04 | |