CVE-2020-0259

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to the improper use of crypto in the android verity ctr of dm-android-verity.c. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android kernel, consider applying a fix to properly use crypto in the android verity ctr of dm-android-verity.c to prevent modification of a dm-verity protected filesystem. At the moment, there is no information about a newer version that contains a fix for this vulnerability.