CVE-2026-0150

Vulnerability

In the ExecuteGraph command handler of the EdgeTPU firmware, an integer overflow vulnerability exists that can lead to an out-of-bounds write. The affected firmware is present on supported Pixel devices. The specific versions affected are those prior to the security patch level 2026-06-05. The vulnerability requires local access and triggers when a crafted command is sent to the EdgeTPU firmware.

Exploitation

To exploit an attacker must have local access to the device. No user interaction is required. An integer overflow occurs in the ExecuteGraph command handler resulting in an out-of-bounds write to memory. An attacker can craft a specific command to trigger this overflow.

Impact

Successful exploitation can lead to local escalation of privilege potentially gaining root privileges. The out-of-bounds write could allow an attacker to overwrite critical data structures leading to arbitrary code execution in the context of the EdgeTPU firmware [1].

Mitigation

The issue is addressed in the June 2026 Pixel Update Bulletin [1]. Devices with a security patch level of 2026-06-05 or later are protected. Users should ensure their Pixel devices are updated to the latest available security patch.