CVE-2026-0133
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk0th percentile - higher than 0% of all known CVEs
Summary
In the smmu_attach_dev function in arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.
Risk Assessment
This vulnerability could allow attackers to escalate privileges locally, posing a risk of unauthorized access to the system. The lack of user interaction makes the attack easier to execute.
Recommendation
It is recommended to implement appropriate permission checks in the smmu_attach_dev function to prevent the signing of malicious artifacts. Additionally, systems should be monitored for unauthorized activities.
Original NVD description (English source)
In smmu_attach_dev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

