CVE-2021-0454

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a possible out of bounds write in the Citadel chip firmware due to a missing bounds check. This could lead to local escalation of privilege, with System execution privileges needed. User interaction is not required for exploitation. The vulnerability is associated with a buffer overflow in the Titan M security module of the Android operating system, allowing an attacker to elevate their privileges.

Recommendations For Android kernel, apply the fix for the missing bounds check in the Citadel chip firmware to prevent out of bounds write and potential privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.