CVE-2022-20371

MEDIUM Year: 2022
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-667
View all →

Vulnerability Description

In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195565510References: Upstream kernel

Related Vulnerabilities

CVE-2021-20291

MEDIUM
CVSS:6.5(Medium)

A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not ...

CWE-6672021

CVE-2021-31785

MEDIUM
CVSS:6.5(Medium)

The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to tr...

CWE-6672021

CVE-2021-31786

MEDIUM
CVSS:6.5(Medium)

The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, al...

CWE-6672021

CVE-2021-3667

MEDIUM
CVSS:6.5(Medium)

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not prope...

CWE-6672021

CVE-2021-4147

MEDIUM
CVSS:6.5(Medium)

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.

CWE-6672021

CVE-2024-45818

MEDIUM
CVSS:6.5(Medium)

The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired p...

CWE-6672024