Description: In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel Broken commit info: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=cefc7ca46235f01d5233e3abd4b79452af01d9e9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=cefc7ca46235f01d5233e3abd4b79452af01d9e9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=cefc7ca46235f01d5233e3abd4b79452af01d9e9 Bugfix commit info: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d6544bccc1967cd6a883d6abac71fc7d863e8baa https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=7a993c1be595835acf578d0382bfd8f83475f301 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=72b0e5faa5149f09c6a7a74e4012f29e33509bab https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d6544bccc1967cd6a883d6abac71fc7d863e8baa https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=7a993c1be595835acf578d0382bfd8f83475f301 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=72b0e5faa5149f09c6a7a74e4012f29e33509bab