PT-2021-1517 · Google+7 · Android Kernel+7

Published

2021-07-28

·

Updated

2026-02-27

·

CVE-2021-0920

CVSS v2.0

6.9

Medium

VectorAV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Android kernel
Description The issue is caused by a race condition in the unix scm to skb function of af unix.c, leading to a possible use after free bug. This could result in local escalation of privilege with System execution privileges needed. User interaction is not required for exploitation. The vulnerability has been used for Android exploitation in the wild.
Recommendations For Android kernel, consider applying the fix for the race condition in the unix scm to skb function of af unix.c to prevent local escalation of privilege. As a temporary workaround, consider restricting access to the vulnerable function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALSA-2022:0825
ASB-A-196926917
BDU:2022-00836
CESA-2022_0620
CESA-2022_0819
CESA-2022_0825
CESA-2022_0849
CVE-2021-0920
DLA-2843-1
OESA-2021-1475
OPENSUSE-SU-2022:0366-1
OPENSUSE-SU-2022:1037-1
OPENSUSE-SU-2022:1039-1
OPENSUSE-SU-2022_0366-1
OPENSUSE-SU-2022_1037-1
OPENSUSE-SU-2022_1039-1
RHSA-2022:0590
RHSA-2022:0592
RHSA-2022:0620
RHSA-2022:0622
RHSA-2022:0629
RHSA-2022:0636
RHSA-2022:0771
RHSA-2022:0772
RHSA-2022:0777
RHSA-2022:0819
RHSA-2022:0823
RHSA-2022:0825
RHSA-2022:0841
RHSA-2022:0849
RHSA-2022:0851
RHSA-2022:0958
RHSA-2022:1103
RHSA-2022:1104
RHSA-2022:1106
RHSA-2022:1107
RHSA-2022:1263
RHSA-2022:1324
RHSA-2022:1373
RHSA-2022:1417
RHSA-2022_0620
RHSA-2022_0622
RHSA-2022_0819
RHSA-2022_0825
RHSA-2022_1417
RLSA-2022:0819
RLSA-2022:0825
SUSE-SU-2022:0068-1
SUSE-SU-2022:0080-1
SUSE-SU-2022:0090-1
SUSE-SU-2022:0366-1
SUSE-SU-2022:0367-1
SUSE-SU-2022:0371-1
SUSE-SU-2022:0615-1
SUSE-SU-2022:0619-1
SUSE-SU-2022:0647-1
SUSE-SU-2022:0660-1
SUSE-SU-2022:0667-1
SUSE-SU-2022:0668-1
SUSE-SU-2022:0756-1
SUSE-SU-2022:0762-1
SUSE-SU-2022:0996-1
SUSE-SU-2022:1034-1
SUSE-SU-2022:1037-1
SUSE-SU-2022:1038-1
SUSE-SU-2022:1039-1
SUSE-SU-2022:1197-1
SUSE-SU-2022:1257-1
SUSE-SU-2022_0615-1
SUSE-SU-2022_0619-1
SUSE-SU-2022_0647-1
SUSE-SU-2022_0660-1
SUSE-SU-2022_0667-1
SUSE-SU-2022_0668-1
SUSE-SU-2022_0996-1
SUSE-SU-2026:0688-1
USN-5361-1
USN-7720-1

Affected Products

Almalinux
Android Kernel
Astra Linux
Centos
Red Hat
Rocky Linux
Suse
Ubuntu