CVE-2026-0106: Elevation of privilege in Google Android
In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-0106: Elevation of privilege in Google Android
Description
In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Google_Devices
- Date Reserved
- 2025-10-23T08:42:57.001Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 6984fdd1f9fa50a62f37f349
Added to database: 2/5/2026, 8:30:09 PM
Last updated: 2/5/2026, 8:30:37 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-12131: CWE-20 Improper Input Validation in silabs.com Simplicity SDK
MediumCVE-2026-25630
LowCVE-2026-1301: CWE-787 Out-of-bounds Write in o6 Automation GmbH Open62541
MediumCVE-2026-1707: Vulnerability in pgadmin.org pgAdmin 4
HighCVE-2025-68121: CWE-295: Improper Certificate Validation in Go standard library crypto/tls
HighActions
External Links
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.