Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
VPU Driver Vulnerability: Local Privilege Escalation Possible
CVE-2026-0112
Summary
A vulnerability in the VPU driver could allow an attacker with local access to gain elevated privileges without needing extra permissions. This happens because of a mistake in the way the driver handles memory. To protect your system, update your VPU driver to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | All versions | – |
Original title
In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User in...
Original description
In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Vulnerability type
CWE-362
Race Condition
CWE-416
Use After Free
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026