In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-190724551
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2021-08-01 | Vendor Advisory |
Configurations
History
No history.
Information
Published : 2021-08-17 19:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-0639
Mitre link : CVE-2021-0639
CVE.ORG link : CVE-2021-0639
JSON object : View
Products Affected
- android
CWE
CWE-922
Insecure Storage of Sensitive Information