CVE-2026-0109
Published: 10 March 2026
Summary
CVE-2026-0109 is a high-severity Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability in Google Android. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 42.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-11 (Error Handling).
Deeper analysis
CVE-2026-0109 is a vulnerability in the dhd_tcpdata_info_get function of dhd_ip.c, where a precondition check failure can lead to a denial of service. This issue affects the Android platform, as documented in the Android Security Bulletin and the Pixel-specific bulletin for March 2026.
The vulnerability allows a remote attacker to trigger a denial of service without requiring additional execution privileges or user interaction. Exploitation is straightforward given the CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), enabling network-based attacks with low complexity that result in high availability impact but no confidentiality or integrity effects. It is associated with CWE-754 (Improper Check for Unusual or Exceptional Conditions).
Mitigation details are provided in the Android Security Bulletin at https://source.android.com/docs/security/bulletin/2026/2026-03-01 and the Pixel bulletin at https://source.android.com/docs/security/bulletin/pixel/2026/2026-03-01, which include patches for affected Android versions and devices. Security practitioners should apply these updates promptly to vulnerable systems.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-10834
Vulnerability details
In dhd_tcpdata_info_get of dhd_ip.c, there is a possible Denial of Service due to a precondition check failure. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote network-exploitable precondition check failure directly enables application/system DoS via vulnerability exploitation (T1499.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the precondition check failure in dhd_tcpdata_info_get by applying vendor patches from the Android Security Bulletin.
Protects against remote denial-of-service attacks triggered by the precondition check failure with no privileges required.
Ensures proper error and exception handling for unusual conditions like precondition failures to avoid denial-of-service crashes.