CVE-2021-0381

Name of the Vulnerable Software and Affected Versions: Android versions Android-11

Description: The issue is related to a possible permission bypass in the DeviceStorageMonitorService.java due to an unsafe PendingIntent. This could lead to local information disclosure, requiring User execution privileges for exploitation. No user interaction is needed for exploitation.

Recommendations: For Android version Android-11, consider restricting access to the updateNotifications function in DeviceStorageMonitorService.java until a patch is available. As a temporary workaround, review and secure any PendingIntents used within the service to prevent potential bypasses.