High Severity Vulnerability
This vulnerability has been rated as High severity. Immediate action is recommended.
CVE-2026-0030
High
Low
Medium
High
Critical
8.4
CVSS Score
Vulnerability Description
In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
L
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
1 configuration(s) from 1 vendor(s)
android
Version:
-
CPE:
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
This vulnerability affects 1 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
https://android.googlesource.com/kernel/common/+/986614312222d4b3bdcf16840cdb4abdaed8a42dsecurity@android.com Patch Product
-
https://android.googlesource.com/kernel/common/+/aff2255dbe38dc7c57bac8d3ba9feed989289b20security@android.com Patch Product
-
https://android.googlesource.com/kernel/common/+/f3a4b4d4a1fe2aface7de74ac257b8705b6de472security@android.com Patch Product
-
https://source.android.com/docs/security/bulletin/2026/2026-03-01security@android.com
Severity Details
8.4
out of 10.0
High
Weakness Type (CWE)
CWE-787
Top 25 #2
Out-of-bounds Write
- Description
- The product writes data past the end, or before the beginning, of the intended buffer.
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Base
Key Information
- Published Date
- March 02, 2026
