CVE-2026-0027 is a medium-severity vulnerability affecting Google Android. This vulnerability allows a possible out-of-bounds write due to a use after free in the function smmu_detach_dev of arm-smmu-v3.c. The CVSS score for this vulnerability is 6.7, indicating that it poses a moderate risk to systems. The potential impact includes local escalation of privilege, which necessitates System execution privileges for exploitation. Notably, user interaction is not needed, making it more concerning.
The vulnerability was published on March 2, 2026, and has since been modified. Organizations using affected versions of Android should prioritize patching this vulnerability to prevent unauthorized access and control over the system.
The urgency for defenders is high. Organizations should address this vulnerability in their priority patch cycle to mitigate the associated risks effectively.
Risk to organizations includes potential unauthorized access and control over systems, which can lead to further exploitation of sensitive data or system integrity.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
.webp)