Use of Uninitialized Resource
CVE-2022-20176
Summary
In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197787879References: N/A
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- HIGH
- HIGH
- NONE
CWE-908 - Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.
References
Advisory Timeline
- Published