CVE-2022-20238

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue is related to the implementation of the remap pfn range() function in the Android operating system kernel, which can lead to a buffer overflow in memory when processing the vma->vm page prot parameter. This can allow a remote attacker to cause a denial of service. The remap pfn range() function may map out of size kernel memory, and because the vma->vm page prot can also be controlled by userspace, userspace may map the kernel area to be writable, making it easy to be exploited.

Recommendations As a temporary workaround, consider restricting access to the remap pfn range() function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.