In ic_startRetrieveEntryValue of acropora/app/identity/ic...
Moderate severity
Unreviewed
Published
Dec 16, 2021
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Dec 15, 2021
Published to the GitHub Advisory Database
Dec 16, 2021
Last updated
Jan 27, 2023
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195573629References: N/A
References