CVE-2021-0964

Name of the Vulnerable Software and Affected Versions Android versions Android-9 through Android-12

Description The issue is related to a heap buffer overflow in the C2SoftMP3::process() function of C2SoftMp3Dec.cpp, which could lead to remote information disclosure without requiring additional execution privileges. User interaction is necessary for exploitation. This is a problem with the Media Framework component of the Android operating system, where an operation can exceed the buffer boundaries in memory, potentially allowing a remote attacker to gain unauthorized access to protected information.

Recommendations For Android versions Android-9 through Android-12, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.