CVE-2021-39651

Name of the Vulnerable Software and Affected Versions: Android kernel

Description: The issue allows access to PIN protected settings without PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations: For Android kernel, consider implementing a permission check to prevent unauthorized access to PIN protected settings until a patch is available. As a temporary workaround, restrict access to sensitive settings to minimize the risk of exploitation.