CVE-2022-20514

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description The issue is related to a possible out of bounds write due to a use after free in the acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator functions of Idmap2Service.cpp. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android version Android-13, update to a version that includes the fix for the issue in Idmap2Service.cpp, specifically addressing the out of bounds write in the acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator functions.