CVE-2021-0927

Name of the Vulnerable Software and Affected Versions Android versions Android-8.1 through Android-12

Description A logic error in the requestChannelBrowsable function of TvInputManagerService.java may allow a permission bypass. This issue could lead to local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android versions Android-8.1 through Android-12, consider restricting access to the TvInputManagerService until a patch is available. As a temporary workaround, consider disabling the requestChannelBrowsable function in TvInputManagerService.java to minimize the risk of exploitation.