CVE-2021-39639

Name of the Vulnerable Software and Affected Versions: Android kernel

Description: The issue is related to a missing permission check in the fvp.c file, which could lead to local escalation of privilege with physical access to device internals and no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations: For Android kernel, consider restricting physical access to device internals to minimize the risk of exploitation. As a temporary workaround, review and enhance permission checks in the fvp.c file until a formal patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.