CVE-2021-1048
CVSS v3.1
7.8 (High)
CVSS v2.0
7.2 (High)
EPSS
0.06 % (28th)
Affected Products
1
Advisories
4
In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Android (associated with Google Inc. or Open Handset Alliance)
- Published Date
-
2021-12-15 19:15:14
(2 years ago) - Updated Date
-
2021-12-20 16:56:29
(2 years ago)
Android Kernel Use-After-Free Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Android kernel contains a use-after-free vulnerability that allows for privilege escalation.
- Required Action
- Apply updates per vendor instructions.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://nvd.nist.gov/vuln/detail/CVE-2021-1048
- Vendor
- Android
- Product
- Kernel
- In CISA Catalog from
-
2022-05-23
(2 years ago) - Due Date
-
2022-06-13
(2 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...