CVE-2022-20399

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to the SEPolicy configuration of system apps, which allows access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android kernel, consider restricting access to the 'ip' utility as a temporary workaround until a patch is available.