CVE-2021-1048: refcount increment on mid-destruction file Thi | Hack The Planet
CVE-2021-1048: refcount increment on mid-destruction file
This vuln analysis was published by Jann Horn in the "0-days In-the-Wild" blog maintained by Google Project Zero. However, they have no exploit sample to analyze.
This is an object state confusion with UAF that was patched in the upstream Linux kernel but forgotten by some Android vendors.
Jann says this situation is similar to the "Bad Binder" case.