CVE-2021-0432

Name of the Vulnerable Software and Affected Versions: Android versions Android-11

Description: In the ClearPullerCacheIfNecessary and ForceClearPullerCache functions of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations: For Android version Android-11, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.