{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0038", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2025-10-15T15:39:25.171Z", "datePublished": "2026-03-02T18:42:59.363Z", "dateUpdated": "2026-03-06T03:58:08.209Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [{"status": "affected", "version": "Android kernel"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.</p>"}], "value": "In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}], "problemTypes": [{"descriptions": [{"description": "Elevation of privilege", "lang": "en"}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2026-03-06T03:58:08.209Z"}, "references": [{"url": "https://android.googlesource.com/kernel/common/+/652b7b6bf9a62cc12c3a071bab4e92314f046739"}, {"url": "https://android.googlesource.com/kernel/common/+/f090d4b083a9ef4831f99e692c239542dd385cb4"}, {"url": "https://android.googlesource.com/kernel/common/+/7e1d15d29b7fe0f858926a8bcaf929b75db9e52a"}, {"url": "https://android.googlesource.com/kernel/common/+/b23a5bfa1fb8f9525e21f095a87486a2bd856321"}, {"url": "https://android.googlesource.com/kernel/common/+/513ea99ae008b81dd266bf6e361627c058ddde41"}, {"url": "https://android.googlesource.com/kernel/common/+/1bf8033b56a45165602f8116e0a0d2e767f1e8ae"}, {"url": "https://android.googlesource.com/kernel/common/+/d884f499434c224285c30d460681f1ce76a8cf1f"}, {"tags": ["vendor-advisory"], "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "cvelib 1.7.1"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-02T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-0038"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-03T04:56:31.977Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-0038", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-02T20:17:34.330833Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-02T20:17:58.480Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Google", "product": "Android", "versions": [{"status": "affected", "version": "Android kernel"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://android.googlesource.com/kernel/common/+/652b7b6bf9a62cc12c3a071bab4e92314f046739"}, {"url": "https://android.googlesource.com/kernel/common/+/f090d4b083a9ef4831f99e692c239542dd385cb4"}, {"url": "https://android.googlesource.com/kernel/common/+/7e1d15d29b7fe0f858926a8bcaf929b75db9e52a"}, {"url": "https://android.googlesource.com/kernel/common/+/b23a5bfa1fb8f9525e21f095a87486a2bd856321"}, {"url": "https://android.googlesource.com/kernel/common/+/513ea99ae008b81dd266bf6e361627c058ddde41"}, {"url": "https://android.googlesource.com/kernel/common/+/1bf8033b56a45165602f8116e0a0d2e767f1e8ae"}, {"url": "https://android.googlesource.com/kernel/common/+/d884f499434c224285c30d460681f1ce76a8cf1f"}, {"url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.7.1"}, "descriptions": [{"lang": "en", "value": "In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "supportingMedia": [{"type": "text/html", "value": "<p>In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Elevation of privilege"}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2026-03-06T03:58:08.209Z"}}}, "cveMetadata": {"cveId": "CVE-2026-0038", "state": "PUBLISHED", "dateUpdated": "2026-03-06T03:58:08.209Z", "dateReserved": "2025-10-15T15:39:25.171Z", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "datePublished": "2026-03-02T18:42:59.363Z", "assignerShortName": "google_android"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}], "id": "CVE-2026-0038", "lastModified": "2026-03-06T04:16:06.970", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-02T19:16:31.863", "references": [{"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/1bf8033b56a45165602f8116e0a0d2e767f1e8ae"}, {"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/513ea99ae008b81dd266bf6e361627c058ddde41"}, {"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/652b7b6bf9a62cc12c3a071bab4e92314f046739"}, {"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/7e1d15d29b7fe0f858926a8bcaf929b75db9e52a"}, {"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/b23a5bfa1fb8f9525e21f095a87486a2bd856321"}, {"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/d884f499434c224285c30d460681f1ce76a8cf1f"}, {"source": "security@android.com", "tags": ["Patch", "Product"], "url": "https://android.googlesource.com/kernel/common/+/f090d4b083a9ef4831f99e692c239542dd385cb4"}, {"source": "security@android.com", "url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "Android kernel"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Android", "source": "cna", "vendor": "Google"}, "product": "android", "vendor": "google"}], "analysis": {"en": {"generated_at": "2026-04-17T13:29:46.561523+00:00", "value": {"mitigation_remediation": ["Acquire and install the Android security update that addresses the mem_protect.c logic flaw as published in the March\u00a02026 security bulletin", "If a device cannot be updated, limit local user accounts to non-administrative roles and isolate critical services using SELinux or other mandatory access controls", "Restrict the loading of unsigned kernel modules and consider disabling unnecessary kernel modules to reduce the attack surface"], "summary": {"action": "Apply Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Android operating systems that include the affected kernel version, specifically devices running the Google Android kernel before the immediately released patch. Exact firmware versions are not disclosed in the advisory, so all devices running kernel builds that incorporate the faulty mem_protect.c functions are considered vulnerable.", "description_and_impact": "In the Android kernel source file mem_protect.c, a logic error permits an attacker to execute arbitrary code at the kernel level, enabling local privilege escalation. The flaw can be triggered without any user interaction and does not require additional execution privileges, allowing a standard user to gain kernel privileges. The vulnerability is a classic example of improper privilege management within kernel code, leading to potential compromise of system integrity and confidentiality.", "risk_and_exploitability": "The CVSS v3.1 score of 8.4 reflects high severity, and although the EPSS score is currently under 1%, which indicates a low probability of exploitation in the immediate future, the vulnerability remains critical due to the lack of user interaction and the ability to elevate privileges to kernel level. The vulnerability is not listed in the CISA KEV catalog at this time, but adversaries with local access to a device could exploit the flaw with minimal effort, especially if no mitigating controls are in place."}}}}, "created": "2026-03-03T08:41:13.775079+00:00", "updated": "2026-04-17T13:30:19.611390+00:00", "vendors": ["google", "google$PRODUCT$android"]}