PT-2021-13165 · Google · Android

Published

2021-06-01

Updated

2021-06-23

CVE-2021-0516

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Android versions Android-8.1 through Android-11

Description: The issue is related to a possible out of bounds read and write due to a use after free in the p2p process prov disc req function of p2p pd.c. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations: For Android versions Android-8.1 through Android-11, update to a version that contains a fix for this issue.

Fix

Out of bounds Read

Use After Free

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-416CWE-787

Related Identifiers

ASB-A-181660448

CVE-2021-0516

Affected Products

Android

PT-2021-13165 · Google · Android

CVE-2021-0516

Weakness Enumeration

Related Identifiers

Affected Products

References · 5