6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
17.6%
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of
bounds write due to a missing bounds check. This could lead to physical
escalation of privilege with no additional execution privileges needed.
User interaction is needed for exploitation.Product: AndroidVersions:
Android kernelAndroid ID: A-264029575References: Upstream kernel
Author | Note |
---|---|
sbeattie | USB gadget accessories are part of an Android specific patch set not included in the upstream. Introduced in the Android kernel in 483cb5629ea7 (“ANDROID: usb: gadget: f_accessory: Add Android Accessory function”) |