exploitDog

CVE-2021-0703

Опубликовано: 22 окт. 2021

Источник: nvd

CVSS3: 6.8

CVSS2: 7.2

EPSS Низкий

Описание

In SecondStageMain of init.cpp, there is a possible use after free due to incorrect shared_ptr usage. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-184569329

Ссылки

https://source.android.com/security/bulletin/2021-10-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/2021-10-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 3%

0.00016

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-r5f5-hqc8-7rx6

github

больше 3 лет назад

In SecondStageMain of init.cpp, there is a possible use after free due to incorrect shared_ptr usage. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-184569329

EPSS

Процентиль: 3%

0.00016

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-416