PT-2022-14569 · Google · Android
Published
2022-08-01
·
Updated
2022-08-12
·
CVE-2022-20344
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Android versions Android-10 through Android-12L
Description
A race condition in the stealReceiveChannel of EventThread.cpp could allow interference with process communication, potentially leading to local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.
Recommendations
For Android versions Android-10 through Android-12L, apply the fix for the race condition in the stealReceiveChannel of EventThread.cpp to prevent local escalation of privilege.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android