In unixstreamsendpage of af_unix.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/kernel/common/+/e6ed59127c865", "https://android.googlesource.com/kernel/common/+/790c2f9d15b59", "https://android.googlesource.com/kernel/common/+/84d3e59750bbd", "https://android.googlesource.com/kernel/common/+/d39fc9b94dc07" ], "spl": "2024-05-05", "types": [ "EoP" ], "severity": "High" }