In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2022-06-15T13:00:51
Updated: 2024-08-03T02:02:30.662Z
Reserved: 2021-10-14T00:00:00
Link: CVE-2022-20132
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-06-15T13:15:08.763
Modified: 2022-06-23T18:29:49.103
Link: CVE-2022-20132
Redhat