CVE-2021-0922

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description The issue is related to a missing permission check in the enforceCrossUserOrProfilePermission function of PackageManagerService.java. This could allow for a bypass of the INTERACT ACROSS PROFILES permission, leading to a local escalation of privilege. No additional execution privileges are needed for exploitation, and user interaction is not required.

Recommendations For Android version Android-11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.