Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
Incorrect Bounds Check in Mem Protect Allows Local Privilege Escalation
CVE-2026-0030
Summary
A security flaw in a Linux kernel component called mem_protect.c could allow an attacker to gain higher privileges on a system without needing to use any special permissions. This could potentially allow them to access sensitive data or take control of the system. To fix this issue, update your Linux kernel to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | All versions | – |
Original title
In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional exec...
Original description
In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
8.4
Vulnerability type
CWE-787
Out-of-bounds Write
- https://android.googlesource.com/kernel/common/+/986614312222d4b3bdcf16840cdb4ab... Patch Product
- https://android.googlesource.com/kernel/common/+/aff2255dbe38dc7c57bac8d3ba9feed... Patch Product
- https://android.googlesource.com/kernel/common/+/f3a4b4d4a1fe2aface7de74ac257b87... Patch Product
- https://source.android.com/docs/security/bulletin/2026/2026-03-01
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026