Information Leak in [Software Name] Allows Access to Local Data

Summary

An error in [Software Name]'s code allows unauthorized access to local data without needing extra privileges. This means a malicious user could potentially see sensitive information that they shouldn't be able to. Update [Software Name] to the latest version to fix this issue.

What to do

Update google platform/packages/modules/virtualization to version 16-qpr2-next:2026-03-01.
Update google platform/packages/modules/virtualization to version 15:2026-03-01.
Update google platform/packages/modules/virtualization to version 16:2026-03-01.
Update google platform/packages/modules/virtualization to version 16-qpr2:2026-03-01.
Update google platform/packages/modules/virtualization to version 14:2026-03-01.

Affected software

Vendor	Product	Affected versions	Fix available
google	android	14.0	–
google	android	15.0	–
google	android	16.0	–
google	android	16.0	–
google	android	16.0	–
google	android	16.0	–
google	platform/packages/modules/virtualization	> 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01	16-qpr2-next:2026-03-01
google	platform/packages/modules/virtualization	> 15:0 , <= 15:2026-03-01	15:2026-03-01
google	platform/packages/modules/virtualization	> 16:0 , <= 16:2026-03-01	16:2026-03-01
google	platform/packages/modules/virtualization	> 16-qpr2:0 , <= 16-qpr2:2026-03-01	16-qpr2:2026-03-01
google	platform/packages/modules/virtualization	> 14:0 , <= 14:2026-03-01	14:2026-03-01

Original title

In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privilege...

Original description

In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

nvd CVSS3.1 5.5

Vulnerability type

CWE-200 Information Exposure