How severe is CVE-2021-0964?

CVE-2021-0964 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2021-0964

Name: android
Author: google

6.5MEDIUM

In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privil

公開日: 12/15/2021更新日: 11/21/2024

説明

In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621

AI分析AIによる分析

影響を受ける製品

googleandroid

9.0

googleandroid

10.0

googleandroid

11.0

googleandroid

12.0

参照

https://source.android.com/security/bulletin/2021-12-01
Vendor Advisory
https://source.android.com/security/bulletin/2021-12-01
Vendor Advisory