In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-190724551
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2021-08-01 | Vendor Advisory |
https://source.android.com/security/bulletin/2021-08-01 | Vendor Advisory |
Configurations
History
21 Nov 2024, 05:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://source.android.com/security/bulletin/2021-08-01 - Vendor Advisory |
Information
Published : 2021-08-17 19:15
Updated : 2024-11-21 05:43
NVD link : CVE-2021-0639
Mitre link : CVE-2021-0639
CVE.ORG link : CVE-2021-0639
JSON object : View
Products Affected
- android
CWE
CWE-922
Insecure Storage of Sensitive Information