CVE-2021-39708

Name of the Vulnerable Software and Affected Versions Android versions Android-12

Description The issue is related to a function gatt process notification in gatt cl.cc of the Android operating system kernel, which is associated with inadequate access control. This could allow a remote attacker to escalate their privileges due to an incorrect bounds check, potentially leading to an out-of-bounds write. No additional execution privileges are needed, and user interaction is not required for exploitation.

Recommendations For Android version Android-12, consider restricting access to the gatt process notification function in gatt cl.cc until a patch is available. As a temporary workaround, disabling the gatt process notification function may help minimize the risk of exploitation.