CVE-2022-20172

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a missing permission check in the onbind method of ShannonRcsService.java. This could lead to local information disclosure without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android kernel, consider restricting access to sensitive data until a patch is available. As a temporary workaround, review and enforce proper permission checks in the onbind method of ShannonRcsService.java to prevent unauthorized access to protected data.