PT-2021-1508 · Google+6 · Android Kernel+6
Published
2021-01-18
·
Updated
2021-11-03
·
CVE-2021-0512
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Android kernel
Description:
The issue is related to a heap buffer overflow in the
hidinput change resolution multipliers function of hid-input.c, which can lead to a local escalation of privilege without requiring additional execution privileges. User interaction is not needed for exploitation.Recommendations:
For Android kernel, consider applying the fix from the upstream kernel to resolve the issue.
As a temporary workaround, consider restricting access to the
hidinput change resolution multipliers function until a patch is available.
No other specific mitigation measures are provided for this issue.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Almalinux
Android Kernel
Astra Linux
Centos
Red Hat
Rocky Linux
Suse