CVE-2021-1048

Name of the Vulnerable Software and Affected Versions Android kernel versions (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the ep loop check proc function of eventpoll.c. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. The vulnerability is an object state confusion with use-after-free that was patched in the upstream Linux kernel but forgotten by some Android vendors.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.