The following security vulnerabilities have been identified:
While processing IOCTL for IPA routing, there is no protection against multiple IPA header deletions from user application. If user application deletes header multiple times and that header is being used by a routing rule, a use after free occurs.
Access Vector: Local
Security Risk: Medium
Vulnerability: CWE-416 Use After Free
All Android releases from CAF using the Linux kernel.
We advise customers to apply the following patches:
This issue was reported to Google by an external security researcher. Qualcomm Innovation Center, Inc. (QuIC) thanks Google for bringing this issue to QuIC's attention.