LineageOS · LineageOS · CVE-2019-1010221
Name of the Vulnerable Software and Affected Versions:
LineageOS versions 16.0 and earlier
Description:
The issue is incorrect access control in the `adb shell` component. An attacker with physical access can set the `service.adb.root` property from a normal `adb` shell session, when `adb` is enabled, which restarts `adb` as root. The command is `adb shell setprop service.adb.root 1`.
Recommendations:
For LineageOS versions 16.0 and earlier, consider disabling `adb` access when not needed to minimize the risk of exploitation. As a temporary workaround, restrict physical access to devices until a patch is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
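To check a device inventory against the conditions described above, the following added example (not part of the original advisory or of LineageOS) parses saved `adb shell getprop` output and reports devices that are on an affected version with `adb` running, or that already have `service.adb.root` set. The property names `ro.lineage.version` and `init.svc.adbd` are assumptions about what the build exposes; the sample dump is constructed.

```python
import re

# Constructed sample of `adb shell getprop` output (not captured from a real device).
# Assumption: the build exposes ro.lineage.version and init.svc.adbd.
SAMPLE_GETPROP = """\
[init.svc.adbd]: [running]
[ro.lineage.version]: [16.0-20190301-NIGHTLY-example]
[service.adb.root]: [1]
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")


def parse_getprop(text):
    """Parse `getprop` dump lines of the form `[key]: [value]` into a dict."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def lineage_version(props):
    """Return (major, minor) from ro.lineage.version, or None if absent."""
    m = re.match(r"(\d+)\.(\d+)", props.get("ro.lineage.version", ""))
    return (int(m.group(1)), int(m.group(2))) if m else None


def audit(props):
    """Return findings relevant to CVE-2019-1010221 for one device."""
    findings = []
    ver = lineage_version(props)
    if ver is None:
        return findings  # not identifiable as LineageOS; out of scope here
    affected = ver <= (16, 0)  # advisory: versions 16.0 and earlier
    if affected and props.get("init.svc.adbd") == "running":
        findings.append("affected-version-with-adb-enabled")
    if affected and props.get("service.adb.root") == "1":
        findings.append("adb-root-property-set")
    return findings


if __name__ == "__main__":
    print(audit(parse_getprop(SAMPLE_GETPROP)))
```

A device reporting `adb-root-property-set` has had the property from the description applied and should be reviewed; `affected-version-with-adb-enabled` marks devices where the recommendation to disable `adb` has not been followed.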