Description
In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-03-02
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

The vulnerability resides in several functions within ffa.c of the Android kernel. A logic flaw can corrupt memory and allows an attacker who can run code on the device to elevate privileges locally. No additional execution privileges are required and no user interaction is needed, so any user‑space process with sufficient rights could trigger the corruption.

Affected Systems

Affected systems are Android devices that run the default kernel image provided by Google. The flaw exists in the ffa.c component, and no specific firmware or Android version is listed, meaning all devices that include this source code are potentially vulnerable.

Risk and Exploitability

The CVSS score of 8.4 indicates a high severity vulnerability. The EPSS score of <1% reflects a currently low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local: an attacker who can execute code on the device can exploit the memory corruption to gain elevated privileges without needing any special user interaction or external access.

Generated by OpenCVE AI on April 17, 2026 at 13:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Android operating system to the latest release that incorporates the ffa.c patch
  • Reboot the device after installing the update to ensure all kernel modules are refreshed
  • If updates are not immediately available, limit the use of affected firmware by avoiding unpatched devices in mission‑critical environments

Generated by OpenCVE AI on April 17, 2026 at 13:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 13:45:00 +0000

Type Values Removed Values Added
Title Android Kernel ffa.c Logic Error Enables Local Privilege Escalation

Fri, 06 Mar 2026 04:30:00 +0000

Type Values Removed Values Added
References

Fri, 06 Mar 2026 04:15:00 +0000

Type Values Removed Values Added
References

Tue, 03 Mar 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Weaknesses CWE-787
CPEs cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Vendors & Products Google
Google android

Mon, 02 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References

Subscriptions

Google Android
cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published:

Updated: 2026-03-06T03:57:34.347Z

Reserved: 2025-10-15T15:39:23.733Z

Link: CVE-2026-0037

cve-icon Vulnrichment

Updated: 2026-03-02T20:27:24.509Z

cve-icon NVD

Status : Modified

Published: 2026-03-02T19:16:31.763

Modified: 2026-03-06T04:16:06.810

Link: CVE-2026-0037

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T13:30:19Z

Weaknesses