CVE-2021-0567

Name of the Vulnerable Software and Affected Versions: Android versions Android-11

Description: The issue concerns a permissions bypass in the isRestricted function of RemoteViews.java, allowing for the injection of font files. This could lead to local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations: For Android version Android-11, consider restricting access to the RemoteViews.java module to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the isRestricted function in RemoteViews.java until the issue is resolved.