Security Vulnerabilities - CVEs Published In 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195573629References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2021-12-15
Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A
CVSS Score
9.8
EPSS Score
0.002
Published
2021-12-15
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A
CVSS Score
9.8
EPSS Score
0.001
Published
2021-12-15
Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A
CVSS Score
7.5
EPSS Score
0.001
Published
2021-12-15
In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-198713939References: N/A
CVSS Score
4.4
EPSS Score
0.0
Published
2021-12-15
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-160822094References: Upstream kernel
CVSS Score
4.1
EPSS Score
0.0
Published
2021-12-15
In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049006References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2021-12-15
In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-169763055References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2021-12-15
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-193438173References: N/A
CVSS Score
7.8
EPSS Score
0.0
Published
2021-12-15
In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194499021References: N/A
CVSS Score
6.7
EPSS Score
0.0
Published
2021-12-15