In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444622
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2021-06-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
23 Jun 2021, 18:14
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
CPE | cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:* |
|
CWE | CWE-787 CWE-190 |
|
References | (MISC) https://source.android.com/security/bulletin/2021-06-01 - Patch, Vendor Advisory |
21 Jun 2021, 17:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-21 17:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-0510
Mitre link : CVE-2021-0510
CVE.ORG link : CVE-2021-0510
JSON object : View
Products Affected
- android