Linux Kernel Elevated Privilege Vulnerability Information

This vulnerability is a use-after-free scenario which could allow code execution and local elevation of privilege to the kernel from an untrusted application. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.


Affected Product Operating System Release Date
Handheld computer models:
EC30, EC50, EC55, MC2200, MC2700, MC9300, PS20
Touch computer models:
TC21, TC26, TC52, TC52ax, TC52x, TC57, TC57x, TC72, TC77, TC8300
ET51, ET56, L10
RFID scanner:
MC3300ax, MC3300x
Health Care Touch computers models:
TC21-HC, TC26-HC, TC52-HC, TC52x-HC
Vehicle-mounted device:
Interactive kiosks:
CC600, CC6000
Android 8.1 30th November  2021

Disclaimer: Zebra makes every attempt to release security updates on or about the time that Google releases its respective security bulletin. However, delivery time of security updates may vary depending on the region, product model, and third party software suppliers. Under some circumstances, the OS must be updated to the latest maintenance release prior to installing the security updates. Individual product updates will provide specific guidance.

Unless otherwise noted, there have been no reports of active customer exploitation or abuse from these newly reported issues.

Are you aware of a potential security issue with a Zebra Technologies product?