CVE-2021-1001

Name of the Vulnerable Software and Affected Versions Android versions Android-12

Description In the PVInitVideoEncoder function of mp4enc api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android version Android-12, consider restricting access to the PVInitVideoEncoder function in mp4enc api.cpp to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.