{"vulnerability": "CVE-2021-0920", "sightings": [{"uuid": "de7de69d-6b6c-4843-a58c-ab9017e7d13a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html", "content": "", "creation_timestamp": "2022-08-10T23:00:00.000000Z"}, {"uuid": "780e76dd-18ef-4064-b837-b582afb611a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "MISP/d043c0cd-2b8d-41a4-a597-d19f17709d9f", "content": "", "creation_timestamp": "2022-05-25T09:11:35.000000Z"}, {"uuid": "70a92cc4-6891-4145-ada6-d14404760282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "178aac35-152a-427e-90f6-89b6cc097267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971565", "content": "", "creation_timestamp": "2024-12-24T20:31:12.581755Z"}, {"uuid": "00f797c8-4a00-460b-9f6f-2dee3f348a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "https://bsky.app/profile/schnoog.eu/post/3liyv56g5a22n", "content": "", "creation_timestamp": "2025-02-25T12:41:24.814362Z"}, {"uuid": "18a61707-3303-4c71-b821-6fb307ef447f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:28.000000Z"}, {"uuid": "d1aca939-7541-4830-a17c-b1a798055808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "https://gist.github.com/Darkcrai86/a458a80b8d0c0bf263a07a6d01aa4cc0", "content": "", "creation_timestamp": "2025-08-28T17:32:13.000000Z"}, {"uuid": "0a229ae4-aeec-4a71-aa08-2f1c21ee0cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-0920", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/08cee58f-7807-4117-b9bf-4fbf3ead4215", "content": "", "creation_timestamp": "2026-02-02T12:27:41.601839Z"}, {"uuid": "0d8eaf03-6447-409b-bb41-e0aaa63aa93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/89", "content": "Top Security News for 11/08/2022\n\nHPE security advisory (AV22-449)\nhttps://malware.news/t/hpe-security-advisory-av22-449/62545/1 \n\nCISA should split from DHS or made part of broader \u2018Digital Agency\u2019: Fmr Director Chris Krebs\nhttps://malware.news/t/cisa-should-split-from-dhs-or-made-part-of-broader-digital-agency-fmr-director-chris-krebs/62547/1 \n\n8 tips to secure printers on your network\nhttps://www.csoonline.com/article/3669233/8-tips-to-secure-printers-on-your-network.html#tk.rss_all \n\nGet Dashlane Premium password manager for 3 mo for $1\nhttps://malware.news/t/get-dashlane-premium-password-manager-for-3-mo-for-1/62546/1 \n\nFormer Twitter Employee Found Guilty of Spying for Saudi Arabia\nhttps://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/10-08-2022 \n\nEx Twitter employee found guilty of spying for Saudi Arabian government\nhttps://securityaffairs.co/wordpress/134266/intelligence/ex-twitter-employee-guilty.html \n\nCyber Threats Warrant a Government Reorganization, Former CISA Head Says\nhttps://malware.news/t/cyber-threats-warrant-a-government-reorganization-former-cisa-head-says/62548/1 \n\nISC StormCast for Thursday, August 11th, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8126 \n\nThe quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)\nhttps://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-08-11T07:00:12.000000Z"}, {"uuid": "f692e5e8-fe26-4260-9f72-d53e1659c67f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "exploited", "source": "https://t.me/linkersec/180", "content": "The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)\n\nXingyu Jin published an article describing the root cause of a race condition in the garbage collection for SCM_RIGHTS.\n\nThis bug is used for Android exploitation in the wild.", "creation_timestamp": "2022-08-11T15:34:19.000000Z"}, {"uuid": "b0964c7c-c5c2-4171-857c-99bb8b7f7a79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "https://t.me/ctinow/57556", "content": "The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)\n\nhttps://ift.tt/a93gYAF", "creation_timestamp": "2022-08-11T03:21:33.000000Z"}, {"uuid": "0f85e71f-10d5-4ee6-8b04-b78b0e3e0b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "seen", "source": "https://t.me/arpsyndicate/1429", "content": "#ExploitObserverAlert\n\nCVE-2021-0920\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2021-0920. In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel\n\nFIRST-EPSS: 0.000640000\nNVD-IS: 5.9\nNVD-ES: 0.5", "creation_timestamp": "2023-12-05T08:12:35.000000Z"}, {"uuid": "f2f074eb-1e8a-48de-ab29-f0cc55fe4051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "exploited", "source": "https://t.me/androidMalware/1514", "content": "A Year in Review of 0-days Used In-the-Wild in 2021 by Google\nIn 2021 there were 7 #Android in-the-wild 0-days detected and disclosed:\n - Qualcomm Adreno GPU driver (CVE-2020-11261, CVE-2021-1905, CVE-2021-1906)\n - ARM Mali GPU driver (CVE-2021-28663, CVE-2021-28664)\n - Upstream Linux kernel (CVE-2021-1048, CVE-2021-0920)\n\nFor the 5 total #iOS and macOS in-the-wild 0-days, they targeted 3 different attack surfaces:\n - IOMobileFrameBuffer (CVE-2021-30807, CVE-2021-30883)\n - XNU Kernel (CVE-2021-1782 & CVE-2021-30869)\n - CoreGraphics (CVE-2021-30860)\n - CommCenter (FORCEDENTRY sandbox escape - CVE requested, not yet assigned)\nhttps://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html", "creation_timestamp": "2022-04-27T11:03:23.000000Z"}, {"uuid": "457e2654-9133-4c3b-9ee8-d756d277e989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "exploited", "source": "https://t.me/androidMalware/1611", "content": "Detailed analysis of an Android in-the-wild 0-day exploit developed by surveillance vendor Wintego (CVE-2021-0920) \nhttps://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html", "creation_timestamp": "2022-08-11T07:00:01.000000Z"}, {"uuid": "5a0aebef-940b-4ee5-9a17-996e1f1e116a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-0920", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/6581", "content": "#exploit\nThe quantum state of Linux kernel garbage collection CVE-2021-0920: A deep dive into an in-the-wild Android exploit\nhttps://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html", "creation_timestamp": "2022-08-12T14:51:11.000000Z"}]}