CVE-2022-20554
published 2022-12-16CVE-2022-20554: In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245770596
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| platform | frameworks_native | >= 13:0 < 13:2022-12-01 | 13:2022-12-01 |