CVE-2021-0464

Name of the Vulnerable Software and Affected Versions: Android kernel

Description: The issue is related to a heap buffer overflow in the sound trigger event alloc function of the Android kernel's Audio Server component. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations: For Android kernel, consider applying a patch to fix the heap buffer overflow issue in the sound trigger event alloc function as a permanent solution. As a temporary workaround, restricting access to the sound trigger event alloc function may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.