In is_device_locked and set_device_locked of keystore_keymaster_enforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Android ID: A-169933423.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://source.android.com/security/bulletin/2021-01-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2021-01-11T21:48:05
Updated: 2024-08-03T15:32:10.627Z
Reserved: 2020-11-06T00:00:00
Link: CVE-2021-0320
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-01-11T22:15:13.690
Modified: 2021-01-13T16:45:31.333
Link: CVE-2021-0320
Redhat
No data.