QwikSec

Security Database

CVE

CWE

Training

CVE-2022-20421

Published: Oct 11, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel

Vendor	Product	Versions
n/a	Android	affected `Android kernel`

References

https://source.android.com/security/bulletin/2022-10-01

vendor-advisory

[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.