In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2021-01-01 | Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00010.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202105-03 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2021-01-11 14:15
Updated : 2022-02-09 09:02
NVD link : CVE-2021-0308
Mitre link : CVE-2021-0308
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
debian
- debian_linux
- android