Android Kernel Privilege Escalation Vulnerability in KVM FFA Handling
Vulnerability
A memory corruption vulnerability has been identified in the Android kernel, specifically within the KVM (Kernel-based Virtual Machine) component for ARM64 architecture. The issue arises from a logic error in the 'ffa.c' file, leading to potential memory corruption. This vulnerability allows for local escalation of privileges, with no additional execution rights required. Exploitation does not involve user interaction.
Impact
Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.
Added: Mar 2, 2026, 7:23 PM
Updated: Mar 2, 2026, 10:11 PM
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 3.4
remediation: 0.0
relevance: 3.4
threat: 3.2
urgency: 2.9
incentive: 0.0
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
