Android Privilege Escalation Vulnerability in VPU IOCTL Race Condition

Vulnerability

A use-after-free vulnerability has been identified in the VPU IOCTL component of Android. This issue arises from a race condition, which could lead to local privilege escalation without requiring additional execution privileges. Exploitation of this vulnerability does not involve user interaction.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.

Added: Mar 10, 2026, 9:33 PM

Updated: Mar 10, 2026, 9:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

2.9

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

2.9

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Privilege Escalation Vulnerability in VPU IOCTL Race Condition

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating