CVE-2026-0037
Memory Corruption in ffa.c Enables Local Privilege Escalation
Publication date: 2026-03-02
Last updated on: 2026-03-06
Assigner: Android (associated with Google Inc. or Open Handset Alliance)
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in multiple functions of the ffa.c file where a logic error can cause possible memory corruption.
Because of this memory corruption, an attacker can escalate their privileges locally without needing any additional execution privileges or user interaction.
How can this vulnerability impact me?
The vulnerability allows local escalation of privilege, meaning an attacker who already has some access to the system could gain higher privileges.
This could lead to unauthorized access to sensitive system functions or data, potentially compromising the security and integrity of the affected device.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a logic error in multiple functions of ffa.c causing possible memory corruption leading to local privilege escalation. Detection would typically require checking the kernel version or patch level to see if the fix for this issue has been applied.
Since the vulnerability is in the Android Linux kernel and relates to memory handling in the Trusted Zone, direct detection via network commands is not applicable.
To detect if your system is vulnerable, you can check the kernel source or kernel version for the presence of the patch identified by commit 6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031.
Suggested commands to check kernel version and patch status include:
- uname -a # To check the current kernel version
- grep -r 'FFA handle entry reservation' /path/to/kernel/source # To search for patch presence in source code
- Check kernel changelogs or patch notes for commit ID 6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031
[1]
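One way to script the commit check described above, as an added example that is not part of the original page. It assumes a git checkout of the kernel source; the function names are hypothetical, and it goes slightly beyond the listed commands by also recognising backports, which carry a new commit id and cite the original in their message.

```shell
#!/bin/sh
# Added example (not from the advisory): check a kernel git tree for the fix.
FIX_COMMIT=6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031   # commit id quoted on this page

# Reads commit messages on stdin. Succeeds if one of them names the fix as its
# origin, which is how backports record it:
#   "commit <id> upstream."  /  "[ Upstream commit <id> ]"   (stable trees)
#   "(cherry picked from commit <id>)"                        (git cherry-pick -x)
# A "Fixes: <short id>" tag or a "This reverts commit <id>" line is not the fix.
log_references_fix() {
    grep -Fi "commit ${FIX_COMMIT}" | grep -Fivq "reverts commit"
}

# Prints one of: present | backported | missing | not-a-git-tree
fix_status() {
    tree=$1
    if ! git -C "$tree" rev-parse --git-dir >/dev/null 2>&1; then
        echo "not-a-git-tree"; return 2
    fi
    # Case 1: the tree carries the commit under its original id.
    if git -C "$tree" merge-base --is-ancestor "$FIX_COMMIT" HEAD 2>/dev/null; then
        echo "present"; return 0
    fi
    # Case 2: a backport with a new id that cites the original in its message.
    if git -C "$tree" log --format=%B HEAD | log_references_fix; then
        echo "backported"; return 0
    fi
    echo "missing"; return 1
}

# Stand-alone use: ./check_fix.sh /path/to/kernel/source
if [ "$#" -gt 0 ]; then
    fix_status "$1"
fi
```

On a shallow clone, `missing` only means the fix is not in the fetched history.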
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to apply the patch that reserves an FFA handle entry before committing a memory transfer to the Trusted Zone, preventing memory corruption and privilege escalation.
This patch is identified by commit 6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031 and should be backported to stable kernel releases if not already present.
If you maintain your own kernel builds, ensure the patch is applied following the Linux kernel coding standards and submission guidelines.
If using a vendor kernel, check for updates or security advisories from your vendor or Android security bulletins and apply any available kernel updates that include this fix.
Until the patch is applied, restrict local user access to the system as the vulnerability allows local privilege escalation without additional execution privileges.