How severe is CVE-2021-0964?

CVE-2021-0964 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2021-0964

Name: android
Author: google

6.5MEDIUM

In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privil

Опубликовано: 12/15/2021Обновлено: 11/21/2024

Описание

In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621

ИИ-АнализНа базе ИИ

Затронутые продукты

googleandroid

9.0

googleandroid

10.0

googleandroid

11.0

googleandroid

12.0

Ссылки

https://source.android.com/security/bulletin/2021-12-01
Vendor Advisory
https://source.android.com/security/bulletin/2021-12-01
Vendor Advisory