ID CVE-2021-0920
Summary In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 02-02-2024 - 16:46)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
Last major update 02-02-2024 - 16:46
Published 15-12-2021 - 19:15
Last modified 02-02-2024 - 16:46
Back to Top