CVE-2021-39793
published 2022-03-16


Priority: P182 high
CVSS 3.1: 7.8 (High), vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA Known Exploited Vulnerability (KEV): yes, remediation due 2022-05-02
Exploited in the wild: yes
EPSS: 0.73% (49.5th percentile)
In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android kernel
Android ID: A-210470189
References: N/A

Detection & IOCs (extracted from sources)

  • Vulnerability is in the function `kbase_jd_user_buf_pin_pages` within `mali_kbase_mem.c` — monitor for exploitation attempts targeting Mali GPU kernel driver logic errors leading to out-of-bounds write
  • This vulnerability enables local privilege escalation with no additional execution privileges required and no user interaction — treat any unprivileged local process on affected Google Pixel/Android kernel devices as a potential threat actor
  • CVE-2021-39793 is listed as a Known Exploited Vulnerability by CISA against Google Pixel devices — prioritize detection and patching on Android kernel / Google Pixel fleet
  • No public exploit code, hashes, network indicators, or signatures were present in the available sources. Detection must rely on kernel-level behavioral monitoring (e.g., unexpected privilege escalation from unprivileged processes interacting with the Mali GPU driver) rather than static IOCs.

CVSS provenance

NVD (CVSS v3.1): 7.8 HIGH, vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD (CVSS v2.0): 7.2 HIGH, vector AV:L/AC:L/Au:N/C:C/I:C/A:C
VulnCheck: 7.8 HIGH
CISA: 7.8 HIGH