CVE-2022-20379

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a use after free in the lwis buffer alloc function of lwis buffer.c, which could lead to arbitrary code execution. This might result in local escalation of privilege, requiring System execution privileges. No user interaction is needed for exploitation.

Recommendations For Android kernel, consider applying a patch to fix the use after free issue in lwis buffer alloc as a permanent solution. As a temporary workaround, restricting access to sensitive system resources may help minimize the risk of exploitation. However, specific steps for mitigation are not provided, so it is essential to wait for an official patch. At the moment, there is no information about a newer version that contains a fix for this vulnerability.