In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-8.1, Android-10, Android-11; Android ID: A-168211968.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://source.android.com/security/bulletin/2021-01-01 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: google_android
Published: 2021-01-11T21:47:31
Updated: 2024-08-03T15:32:10.680Z
Reserved: 2020-11-06T00:00:00
Link: CVE-2021-0318

No data.

Status : Modified
Published: 2021-01-11T22:15:13.597
Modified: 2024-11-21T05:42:30.273
Link: CVE-2021-0318

No data.