CVE-2022-20582

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a possible out of bounds write in the ppmp unprotect mfcfw buf function of drm fw.c due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android kernel, consider applying a patch or fix that addresses the improper input validation in the ppmp unprotect mfcfw buf function of drm fw.c to prevent out of bounds write. As a temporary workaround, consider restricting access to the drm fw.c module to minimize the risk of exploitation.