In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Configurations
History
17 Jun 2026, 10:10
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
06 Mar 2026, 04:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
03 Mar 2026, 15:30
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Google android
|
|
| CWE | CWE-787 | |
| CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
| References | () https://android.googlesource.com/kernel/common/+/6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031 - Patch, Product | |
| References | () https://source.android.com/security/bulletin/2026-03-01 - Broken Link |
02 Mar 2026, 21:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.4 |
02 Mar 2026, 19:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-03-02 19:16
Updated : 2026-06-17 10:10
NVD link : CVE-2026-0037
Mitre link : CVE-2026-0037
CVE.ORG link : CVE-2026-0037
JSON object : View
Products Affected
- android
CWE
CWE-787
Out-of-bounds Write
