{"id":"PUB-A-216408350","details":"In fget() of multiple locations, there is a possible read after free  due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-216408350","ASB-A-216408350","CVE-2021-4083"],"modified":"2026-06-01T15:55:42.428303297Z","published":"2022-05-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-05-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/054aa8d439b9185d4f5eb9a90282d1ce74772969"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2022-05-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"vanir_signatures":[{"id":"PUB-A-216408350-04872399","source":"https://android.googlesource.com/kernel/common/+/054aa8d439b9185d4f5eb9a90282d1ce74772969","signature_version":"v1","deprecated":false,"digest":{"function_hash":"50347399082138730567468486640168205875","length":312},"target":{"file":"fs/file.c","function":"__fget_files"},"signature_type":"Function"},{"source":"https://android.googlesource.com/kernel/common/+/054aa8d439b9185d4f5eb9a90282d1ce74772969","signature_type":"Line","signature_version":"v1","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["222339155623389242937145999001050522534","14210766515571077282217007477797530518","286959784734915952769508299362550069891","325423163522201025610882289272510867957"]},"target":{"file":"fs/file.c"},"id":"PUB-A-216408350-181bf3dd"}],"severity":"High","types":["EoP"],"spl":"2022-05-05","fixes":["https://android.googlesource.com/kernel/common/+/054aa8d439b9185d4f5eb9a90282d1ce74772969"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-216408350.json"}}],"schema_version":"1.7.5"}