CVE-2026-0110 - Vulnerability Details

- Memory corruption in Android message handler allows privilege escalation with no user interaction

Description

In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: 2026-03-10

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

In the Android source file cn_NrSmMsgHdlrFromMM.cpp, a memory corruption issue exists in the MM_DATA_IND routine that can be exploited to bypass the end‑of‑process (EoP) check. This flaw allows an attacker to obtain escalated privileges on the device without needing any additional execution rights. The vulnerability is a classic buffer overflow (CWE-120). Since the flaw occurs during normal message handling, it may be triggered by external input without any user interaction.

Affected Systems

The vulnerability is present in the Google Android operating system. No version information was provided, so all releases that include the affected code path are potentially impacted. Devices running Android variants that include the cn_NrSmMsgHdlrFromMM.cpp component are at risk.

Risk and Exploitability

The score of 9.8 on the CVSS scale indicates a high severity level for privilege escalation. The EPSS value, rated below 1%, indicates a very low exploitation probability, and the vulnerability is not listed in the CISA KEV catalog. The attack vector, while not directly stated, is inferred to be remote as the flaw can be triggered by an attacker sending crafted messages to the vulnerable component, with no user interaction required.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Google

Android

unaffected

Version	Status	Constraints
`Android kernel`	affected	—

Configuration 1 [-]

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Google

Android

100%

Version	Status	Scheme	Platform
`Android kernel`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Android security update from Google that addresses the buffer overflow in the message handler.
Reboot the device to ensure the updated code is active.
As a temporary mitigation, disable the affected messaging component or apply system restrictions until the patch is applied. \nIf a patch cannot be applied immediately, employ kernel mitigations such as enabling stack canaries and address‑space randomization to reduce the risk of successful exploitation.

Generated by OpenCVE AI on April 17, 2026 at 11:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00228.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://source.android.com/docs/security/bulletin/2026/2026-03-01
https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01

History

Fri, 17 Apr 2026 12:00:00 +0000

Type	Values Removed	Values Added
Title		Memory corruption in Android message handler allows privilege escalation with no user interaction

Thu, 12 Mar 2026 03:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 11 Mar 2026 17:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:google:android:-:::::::*

Wed, 11 Mar 2026 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-120
References		https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Wed, 11 Mar 2026 12:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Google Google android
Vendors & Products		Google Google android

Tue, 10 Mar 2026 22:30:00 +0000

Type	Values Removed	Values Added
References	https://source.android.com/security/bulletin/pixel/2026-03-01

Tue, 10 Mar 2026 21:30:00 +0000

Type	Values Removed	Values Added
References		https://source.android.com/docs/security/bulletin/2026/2026-03-01

Tue, 10 Mar 2026 21:00:00 +0000

Type	Values Removed	Values Added
Description		In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References		https://source.android.com/security/bulletin/pixel/2026-03-01

Subscriptions

Google Android

MITRE

Status: PUBLISHED

Assigner: Google_Devices

Published: 2026-03-10T20:46:39.581Z

Updated: 2026-03-12T03:55:28.441Z

Reserved: 2025-10-23T08:43:02.755Z

Link: CVE-2026-0110

Vulnrichment

Updated: 2026-03-11T14:48:16.792Z

NVD

Status : Analyzed

Published: 2026-03-10T21:16:44.447

Modified: 2026-03-11T17:14:10.313

Link: CVE-2026-0110

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T11:45:06Z

Weaknesses

CWE-120

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object