CISA Known Exploited Vulnerability

CVE-2021-0920

Android · Kernel

Android Kernel Race Condition Vulnerability

Date added 2022-05-23

BOD 22-01 due date 2022-06-13

CWE CWE-362, CWE-416

Ransomware Unknown

CISA description

Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.