{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0037", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2025-10-15T15:39:23.733Z", "datePublished": "2026-03-02T18:42:58.298Z", "dateUpdated": "2026-03-06T03:57:34.347Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [{"status": "affected", "version": "Android kernel"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.</p>"}], "value": "In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}], "problemTypes": [{"descriptions": [{"description": "Elevation of privilege", "lang": "en"}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2026-03-06T03:57:34.347Z"}, "references": [{"url": "https://android.googlesource.com/kernel/common/+/6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031"}, {"tags": ["vendor-advisory"], "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "cvelib 1.7.1"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-02T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-0037"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-03T04:56:33.128Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-0037", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-02T20:27:02.886912Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-02T20:27:24.509Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Google", "product": "Android", "versions": [{"status": "affected", "version": "Android kernel"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://android.googlesource.com/kernel/common/+/6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031"}, {"url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.7.1"}, "descriptions": [{"lang": "en", "value": "In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "supportingMedia": [{"type": "text/html", "value": "<p>In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Elevation of privilege"}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2026-03-06T03:57:34.347Z"}}}, "cveMetadata": {"cveId": "CVE-2026-0037", "state": "PUBLISHED", "dateUpdated": "2026-03-06T03:57:34.347Z", "dateReserved": "2025-10-15T15:39:23.733Z", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "datePublished": "2026-03-02T18:42:58.298Z", "assignerShortName": "google_android"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}], "id": "CVE-2026-0037", "lastModified": "2026-03-06T04:16:06.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-02T19:16:31.763", "references": [{"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/6c400c2e2e46f3a1117ce5da316ecdc1dbb1a031"}, {"source": "security@android.com", "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "Android kernel"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Android", "source": "cna", "vendor": "Google"}, "product": "android", "vendor": "google"}], "analysis": {"en": {"generated_at": "2026-04-17T13:30:12.194540+00:00", "value": {"mitigation_remediation": ["Update the Android operating system to the latest release that incorporates the ffa.c patch", "Reboot the device after installing the update to ensure all kernel modules are refreshed", "If updates are not immediately available, limit the use of affected firmware by avoiding unpatched devices in mission\u2011critical environments"], "summary": {"action": "Apply Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Affected systems are Android devices that run the default kernel image provided by Google. The flaw exists in the ffa.c component, and no specific firmware or Android version is listed, meaning all devices that include this source code are potentially vulnerable.", "description_and_impact": "The vulnerability resides in several functions within ffa.c of the Android kernel. A logic flaw can corrupt memory and allows an attacker who can run code on the device to elevate privileges locally. No additional execution privileges are required and no user interaction is needed, so any user\u2011space process with sufficient rights could trigger the corruption.", "risk_and_exploitability": "The CVSS score of 8.4 indicates a high severity vulnerability. The EPSS score of <1% reflects a currently low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local: an attacker who can execute code on the device can exploit the memory corruption to gain elevated privileges without needing any special user interaction or external access."}}}}, "created": "2026-03-03T08:41:15.313553+00:00", "title": "Android Kernel ffa.c Logic Error Enables Local Privilege Escalation", "updated": "2026-04-17T13:30:19.612075+00:00", "vendors": ["google", "google$PRODUCT$android"]}