Vulnerability Details : CVE-2022-20009
In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213172319References: Upstream kernel
Published
2022-05-10 20:15:09
Updated
2022-05-16 16:03:19
Vulnerability category: Memory Corruption
Exploit prediction scoring system (EPSS) score for CVE-2022-20009
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less