Description
In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-06-16
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw is located in the EdgeTPU driver within edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c. A use‑after‑free condition permits a local attacker to escalate privilege and gain System execution rights. The vulnerability is designated as CWE‑416 and does not require user interaction.

Affected Systems

Google Android devices that utilize the EdgeTPU driver, including Pixel smartphones and tablets running the current Android OS without a patched driver, are affected. Specific OS or hardware versions are not disclosed, so any device dependent on the unpatched edgetpu-dmabuf.c code is at risk.

Risk and Exploitability

The CVSS score of 7.8 signifies high severity; however, the EPSS score is below 1 %, indicating a low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Despite the low exploitation likelihood, the attack can occur locally and without user interaction, making it a credible threat when a device runs a vulnerable EdgeTPU driver.

Generated by OpenCVE AI on June 17, 2026 at 18:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the latest Android security patch from Google that corrects the EdgeTPU use‑after‑free issue.
  • Enable automatic system updates so the device receives the patch as soon as it is released.
  • Until the patch is applied, limit installation of third‑party applications that load the EdgeTPU driver and avoid rooting or modifying the OS.

Generated by OpenCVE AI on June 17, 2026 at 18:04 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title EdgeTPU use‑after‑free vulnerability can enable local privilege escalation on Android devices.

Tue, 16 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-416
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Vendors & Products Google
Google android

Tue, 16 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Description In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Google_Devices

Published:

Updated: 2026-06-17T03:56:20.060Z

Reserved: 2025-10-23T08:43:41.241Z

Link: CVE-2026-0137

cve-icon Vulnrichment

Updated: 2026-06-16T20:20:06.273Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-16T20:16:24.527

Modified: 2026-06-16T20:42:25.013

Link: CVE-2026-0137

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-17T18:15:10Z

Weaknesses