Description
In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-06-16
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A logic error in the OSMMapPMRGeneric module of pmr_os.c can cause a malicious system call to expand the virtual memory area beyond its allocated bounds. The resulting out‑of‑bounds write can elevate a local user’s privileges without granting additional execution rights. The vulnerability is classified as CWE‑119 and does not require user interaction or any special execution privileges beyond those of the local user.

Affected Systems

The flaw exists in Android devices that include the affected pmr_os.c component. No specific Android version numbers are disclosed in the advisory, so all devices running this code path are potentially vulnerable until a patch is applied.

Risk and Exploitability

The CVSS score of 7.8 indicates high impact, while the EPSS of less than 1% suggests that exploit attempts are expected to be infrequent at present. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires local system access – an attacker already running with access to the device can trigger the bounds overflow and gain escalated privileges. The attack vector is therefore local and does not rely on network or user interaction.

Generated by OpenCVE AI on June 17, 2026 at 18:01 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Android security patch from Google
  • Ensure the device firmware is up‑to‑date by checking the official Android update portal
  • If immediate updating is not possible, limit the device’s exposure by blocking external network access until a patch becomes available

Generated by OpenCVE AI on June 17, 2026 at 18:01 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title OSMMapPMRGeneric Vulnerability Allows Local Privilege Escalation via VMA Overexpand

Tue, 16 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Vendors & Products Google
Google android

Tue, 16 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Description In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Google_Devices

Published:

Updated: 2026-06-17T03:56:11.260Z

Reserved: 2025-10-23T08:44:02.053Z

Link: CVE-2026-0152

cve-icon Vulnrichment

Updated: 2026-06-16T19:58:00.722Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-16T20:16:25.883

Modified: 2026-06-16T20:42:25.013

Link: CVE-2026-0152

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-17T18:15:10Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer