CVE-2021-39679
ID CVE-2021-39679
Shrnutí
In init of vendor_graphicbuffer_meta.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188745089References: N/A
Reference
Zranitelné konfigurace
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
CVSS 6.9
CWE CWE-416
Přístupnost
authentication complexity vector
NONE MEDIUM LOCAL
authentication:
NONE
complexity:
MEDIUM
vector:
LOCAL
Dopad
availability confidentiality integrity
COMPLETE COMPLETE COMPLETE
availability:
COMPLETE
confidentiality:
COMPLETE
integrity:
COMPLETE
CVSS vektor AV:L/AC:M/Au:N/C:C/I:C/A:C
Poslední velká aktualizace 20.1.2022 - 14:55
Publikováno 14.1.2022 - 20:15
Poslédní úpravy 20.1.2022 - 14:55
Vendoři
Google
Zařízení
Štítky