In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.
References
Link | Resource |
---|---|
https://lists.debian.org/debian-lts-announce/2021/02/msg00010.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202105-03 | Third Party Advisory |
https://source.android.com/security/bulletin/2021-01-01 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
09 Feb 2022, 17:02
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 6.8 |
References | (GENTOO) https://security.gentoo.org/glsa/202105-03 - Third Party Advisory |
26 May 2021, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2021-01-11 22:15
Updated : 2024-02-04 21:23
NVD link : CVE-2021-0308
Mitre link : CVE-2021-0308
CVE.ORG link : CVE-2021-0308
JSON object : View
Products Affected
debian
- debian_linux
- android
CWE
CWE-787
Out-of-bounds Write