Description

In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

INFO

Published Date :

2026-03-02T18:42:59.363Z

Last Modified :

2026-03-06T03:58:08.209Z

Source :

google_android
AFFECTED PRODUCTS

The following products are affected by CVE-2026-0038 vulnerability.

Vendors Products
Google
  • Android
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0038.

URL Resource
https://android.googlesource.com/kernel/common/+/1bf8033b56a45165602f8116e0a0d2e767f1e8ae cve-icon cve-icon
https://android.googlesource.com/kernel/common/+/513ea99ae008b81dd266bf6e361627c058ddde41 cve-icon cve-icon
https://android.googlesource.com/kernel/common/+/652b7b6bf9a62cc12c3a071bab4e92314f046739 cve-icon cve-icon
https://android.googlesource.com/kernel/common/+/7e1d15d29b7fe0f858926a8bcaf929b75db9e52a cve-icon cve-icon
https://android.googlesource.com/kernel/common/+/b23a5bfa1fb8f9525e21f095a87486a2bd856321 cve-icon cve-icon
https://android.googlesource.com/kernel/common/+/d884f499434c224285c30d460681f1ce76a8cf1f cve-icon cve-icon
https://android.googlesource.com/kernel/common/+/f090d4b083a9ef4831f99e692c239542dd385cb4 cve-icon cve-icon
https://source.android.com/docs/security/bulletin/2026/2026-03-01 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact