CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
43.6%
In __dst_negative_advice of sock.h, there is a possible failure to clear sk->sk_dst_cache in the correct order resulting in a use after free. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.
android.googlesource.com/kernel/common/+/079d4f3ff06b21f99aed51d8b22534bdfda5a134
android.googlesource.com/kernel/common/+/3856ad0c3e3028d54c8dac960dec411e45c13146
android.googlesource.com/kernel/common/+/41a05cfc0e471cea173345622375b672edd8ed3c
android.googlesource.com/kernel/common/+/51e48339d74bc7c4e94fd813fc3e61e0fc0c43ae
android.googlesource.com/kernel/common/+/9a84d60e35317c5799ebcbf1c6872f0a2b7d6006
android.googlesource.com/kernel/common/+/9b0dadc811eb0140a61734cde73498c1dd574fa1
android.googlesource.com/kernel/common/+/a7462d7032e5ed971980180c6a5aadc8ad700331
android.googlesource.com/kernel/common/+/b8932254b9b2f02620e96572fee9c615c1db2bc3
android.googlesource.com/kernel/common/+/bd2bcb81d4ebcffd4e56bb8dfe3e3d4c871928f5
android.googlesource.com/kernel/common/+/bda79d62f01fdd3398efe0886faa4eb6330889f6
android.googlesource.com/kernel/common/+/dd432c37afcddde2295aa3b3afc3ab293dbefaf8
source.android.com/security/bulletin/2024-08-01
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
43.6%