CVE-2021-0929
Summary
| CVE | CVE-2021-0929 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-15 19:15:00 UTC |
| Updated | 2021-12-17 17:33:00 UTC |
| Description | In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel |
Risk And Classification
Problem Types: CWE-416
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Android Security Bulletin—November 2021 | Android Open Source Project | MISC | source.android.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 180437 Debian Security Update for linux (CVE-2021-0929)
- 610380 Google Android Devices November 2021 Security Patch Missing
- 610385 Google Android December 2021 Security Patch Missing for Samsung
- 610387 Google Android December 2021 Security Patch Missing for LGE
- 671380 EulerOS Security Update for kernel (EulerOS-SA-2022-1292)