CVE-2021-0399

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a use after free in the qtaguid untag function of the xt qtaguid.c file in the Android kernel, which can lead to memory corruption. This could allow an attacker to escalate their privileges locally without needing additional execution privileges. User interaction is not required for exploitation.

Recommendations As a temporary workaround, consider disabling the qtaguid untag function until a patch is available. Restrict access to the vulnerable xt qtaguid.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.