Skip to main content

Release of Invalid Pointer or Reference


Severity High
Score 7.8/10


In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel

  • LOW
  • HIGH
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-763 - Release of Invalid Pointer or Reference

The application attempts to return a memory resource to the system, but calls the wrong release function or calls the appropriate release function incorrectly.


Advisory Timeline

  • Published