CVE-2021-0941

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a possible out of bounds read due to a use after free in the bpf skb change head function of filter.c. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. The vulnerability is associated with an error in reading beyond memory boundaries, which may allow an attacker to access potentially confidential information or cause a system crash or leak internal kernel information.

Recommendations For Android kernel, consider disabling the bpf skb change head function as a temporary workaround until a patch is available. Restrict access to sensitive information and system resources to minimize the risk of exploitation. Apply configuration changes to limit the privileges of local users and reduce the potential impact of the vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.