Description
In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-03-10
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A missing bounds check in the __mfc_handle_released_buf function within mfc_core_isr.c causes an out‑of‑bounds write that can be exploited to execute arbitrary code with the privilege level of the calling process. The flaw does not require elevated privileges and can be triggered without any user interaction.

Affected Systems

The vulnerability affects devices running Google Android. No specific versions are listed, so the impact applies broadly to all affected Android releases as noted in the March 2026 security bulletin.

Risk and Exploitability

The CVSS score of 9.8 classifies the vulnerability as critical. EPSS indicates a very low probability of exploitation, but the flaw remains exploitable without additional conditions, and it is not currently listed in the CISA Known Exploited Vulnerabilities catalog. Attackers may leverage malicious media content or system calls, making it potentially reachable via remote or local vectors that do not require user involvement.

Generated by OpenCVE AI on April 16, 2026 at 03:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device to the latest Android version released in the March 2026 security bulletin to receive the official fix.
  • If an immediate OS update is not possible, restrict the use of hardware video decoding or disable the affected codec component via device settings or configuration policies to reduce the attack surface.
  • Apply device‑wide security policies that block the processing of untrusted media files and monitor for anomalous system behavior to detect any attempted exploitation scripts.

Generated by OpenCVE AI on April 16, 2026 at 03:19 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Wed, 11 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Vendors & Products Google
Google android

Tue, 10 Mar 2026 22:30:00 +0000

Type Values Removed Values Added
References

Tue, 10 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 10 Mar 2026 21:00:00 +0000

Type Values Removed Values Added
Description In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
References

Subscriptions

Google Android
cve-icon MITRE

Status: PUBLISHED

Assigner: Google_Devices

Published:

Updated: 2026-03-12T03:55:23.580Z

Reserved: 2025-10-23T08:43:12.852Z

Link: CVE-2026-0116

cve-icon Vulnrichment

Updated: 2026-03-11T14:17:40.767Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-10T21:16:45.063

Modified: 2026-03-11T17:13:42.907

Link: CVE-2026-0116

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T03:30:06Z

Weaknesses