CVE-2026-0108

CWE-284Improper Access Control4 documents4 sources
Severity
4.0MEDIUM
EPSS
0.0%
top 99.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedMar 10

Description

The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages2 packages

Android:unknown:Pixel-family specific:0Pixel-family specific:2026-03-05
CVEListV5google/androidAndroid kernel

🔴Vulnerability Details

3
CVEList
CVE-2026-0108: The register protection of the PowerVR GPU is incorrectly configured2026-03-10
GHSA
GHSA-4qqp-64rp-274m: The register protection of the PowerVR GPU is incorrectly configured2026-03-10
OSV
CVE-2026-0108: The register protection of the PowerVR GPU is incorrectly configured2026-03-01
CVE-2026-0108 (MEDIUM CVSS 4) | The register protection of the Powe | cvebase.io