{"id":"PUB-A-197155069","details":"In __htab_map_lookup_and_delete_batch of hashtab.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-197155069","CVE-2021-38166"],"modified":"2026-05-01T15:24:27.653932Z","published":"2021-10-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-10-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/c4eb1f403243fc7bbb7de644db8587c03de36da6"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2021-10-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"severity":"Moderate","vanir_signatures":[{"signature_type":"Function","target":{"function":"__htab_map_lookup_and_delete_batch","file":"kernel/bpf/hashtab.c"},"digest":{"length":3574,"function_hash":"127331074739203562560229732259510439617"},"id":"PUB-A-197155069-5385d91f","source":"https://android.googlesource.com/kernel/common/+/c4eb1f403243fc7bbb7de644db8587c03de36da6","signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"kernel/bpf/hashtab.c"},"digest":{"threshold":0.9,"line_hashes":["212658755389406059833830562300516653499","201381836538477114258617779280796146030","302285419246911275932144487388570272238","262131155964030128750198698395094825846","120523421720983727123488074848466022665"]},"id":"PUB-A-197155069-dd80b817","source":"https://android.googlesource.com/kernel/common/+/c4eb1f403243fc7bbb7de644db8587c03de36da6","signature_version":"v1","deprecated":false}],"spl":"2021-10-05","fixes":["https://android.googlesource.com/kernel/common/+/c4eb1f403243fc7bbb7de644db8587c03de36da6"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-197155069.json"}}],"schema_version":"1.7.5"}