[ASB-A-111893654] syzkaller › usb/media/uvc: warning in uvc_scan_chain_forward/__list_add

Severity High

Affected Packages 1

Fixed Packages 1

CVEs 1

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Package	Affected Version
pkg:generic/android#linux_kernel	>= :0, < :2020-09-05

Package	Fixed Version
pkg:generic/android#linux_kernel	= :2020-09-05

ID

ASB-A-111893654

Severity

high

URL

https://source.android.com/security/bulletin/2020-09-01

Published

2020-09-01T00:00:00
(4 years ago)

Modified

2024-07-31T14:43:08
(7 weeks ago)

Rights

Android Security Team

Other Advisories

Source	# ID	Name	URL
Advisory			https://source.android.com/security/bulletin/2020-09-01
Fix			https://android.googlesource.com/kernel/common/+/68035c80e129

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Fixed	pkg:generic/android#linux_kernel		android	= :2020-09-05
Affected	pkg:generic/android#linux_kernel		android	>= :0 < :2020-09-05

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date