CVE-2022-20464

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is caused by a logic error in the code of ap input processor.c, allowing for the potential recording of audio during a phone call. This could lead to local information disclosure, with user execution privileges required for exploitation. No user interaction is needed for exploitation.

Recommendations For Android kernel, consider restricting access to sensitive audio functions until a patch is available. As a temporary workaround, disabling the affected functions in ap input processor.c may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.