CVE-2021-0511

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-178055795
References
Link Resource
https://source.android.com/security/bulletin/2021-06-01 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

History

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE NVD-CWE-Other

23 Jun 2021, 18:05

Type Values Removed Values Added
CWE CWE-20
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 7.8
CPE cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
References (MISC) https://source.android.com/security/bulletin/2021-06-01 - (MISC) https://source.android.com/security/bulletin/2021-06-01 - Patch, Vendor Advisory

21 Jun 2021, 17:35

Type Values Removed Values Added
New CVE

Information

Published : 2021-06-21 17:15

Updated : 2023-12-10 13:55


NVD link : CVE-2021-0511

Mitre link : CVE-2021-0511

CVE.ORG link : CVE-2021-0511


JSON object : View

Products Affected

google

  • android
CWE
CWE-20

Improper Input Validation

NVD-CWE-Other