Updated: 2026-02-27 02:37:17.909947
Description:
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | MEDIUM | 6.7 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 6.7 | MEDIUM | Released | CLSA-2023:1677764911 | 2023-03-02 10:04:14 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 6.7 | MEDIUM | Released | CLSA-2023:1684277390 | 2023-05-16 21:14:29 | |
| Ubuntu 18.04 ELS | linux | 4.15.0 | 6.7 | MEDIUM | Released | 2023-11-06 02:37:18 |