PT-2022-9134 · Google · Android

Published 2022-08-24 · Updated 2023-08-08 · CVE-2021-0946

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Android versions Android SoC

Description: The issue arises from the method PVRSRVBridgePMRPDumpSymbolicAddr, which allocates a buffer on the heap, attempts to fill it via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. If PMR_PDumpSymbolicAddr fails, the buffer remains uninitialized, yet it is still copied to userspace, resulting in a kernel leak of uninitialized heap data. This can occur without requiring any privileges.

Recommendations: For Android SoC, consider restricting access to the PVRSRVBridgePMRPDumpSymbolicAddr method until a proper fix is implemented to handle the case when PMR_PDumpSymbolicAddr fails, preventing the copying of uninitialized data to userspace. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
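
The pattern described above, as an added user-space model in C; it is not the driver's code. The names `fill_name`, `bridge_vulnerable`, `bridge_hardened` and `leaked_bytes`, the 0xAA stale marker and the 32-byte length are assumptions made for illustration, with `memcpy` standing in for the copy to userspace.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_LEN 32
#define STALE 0xAA  /* constructed marker for leftover heap contents */

/* Stand-in for the fill step (hypothetical signature): untouched on failure. */
static int fill_name(int fail, char *out, size_t len) {
    if (fail) return -1;
    memset(out, 0, len);
    snprintf(out, len, "SYSMEM");
    return 0;
}

/* Vulnerable shape: copy-out runs even when fill_name failed. */
static int bridge_vulnerable(int fail, char *user) {
    char *buf = malloc(NAME_LEN);
    if (!buf) return -2;
    memset(buf, STALE, NAME_LEN);         /* model old data in a non-zeroed allocation */
    int err = fill_name(fail, buf, NAME_LEN);
    memcpy(user, buf, NAME_LEN);          /* stands in for the copy to userspace */
    free(buf);
    return err;
}

/* Hardened shape: zeroed allocation, and no copy-out on the error path. */
static int bridge_hardened(int fail, char *user) {
    char *buf = calloc(1, NAME_LEN);
    if (!buf) return -2;
    int err = fill_name(fail, buf, NAME_LEN);
    if (err == 0) memcpy(user, buf, NAME_LEN);
    free(buf);
    return err;
}

/* Count stale bytes that reached the caller's zero-filled buffer. */
static int leaked_bytes(int (*handler)(int, char *), int fail) {
    char user[NAME_LEN] = {0};
    int n = 0;
    handler(fail, user);
    for (size_t i = 0; i < NAME_LEN; i++) n += ((unsigned char)user[i] == STALE);
    return n;
}

int main(void) {
    printf("fill fails: vulnerable leaks %d stale bytes, hardened leaks %d\n",
           leaked_bytes(bridge_vulnerable, 1), leaked_bytes(bridge_hardened, 1));
}
```

Either change alone closes the leak in this model: the zeroed allocation removes the stale data, and the error check keeps a failed call from copying anything out.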

Weakness Enumeration

Related Identifiers: CVE-2021-0946

Affected Products: Android