CVE-2022-42534

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to improper input validation in the trusty ffa mem reclaim function of shared-mem-smcall.c, which could lead to a local escalation of privilege. No additional execution privileges are needed, and user interaction is not required for exploitation.

Recommendations For Android kernel, consider applying a patch that fixes the improper input validation in the trusty ffa mem reclaim function as a permanent solution. As a temporary workaround, restrict access to the shared-mem-smcall.c module to minimize the risk of exploitation.