CVE-2026-20415
EUVD-2026-513902.02.2026, 09:15
In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| android | 15.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-415 - Double FreeThe product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
- CWE-667 - Improper LockingThe software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.