PT-2022-14805 · Google · Android Kernel

Published: 2022-12-16 · Updated: 2022-12-21 · CVE-2022-20598

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Android kernel

Description: An integer overflow in the sec_media_protect function of media.c could lead to a local escalation of privilege in secure mode MFC Core. No additional execution privileges are needed, and user interaction is not required for exploitation.

Recommendations: For the Android kernel, apply a patch that fixes the integer overflow in the sec_media_protect function as the permanent solution. As a temporary workaround, restrict access to the sec_media_protect function to minimize the risk of exploitation.

Fix

Integer Overflow

Weakness Enumeration

Related Identifiers: CVE-2022-20598

Affected Products: Android Kernel