LG Mobile Devices 8.0/8.1/9.0 USB laf Gadget use after free

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in LG Mobile Devices 8.0/8.1/9.0 (Smartphone Operating System). It has been declared as critical. This vulnerability affects an unknown functionality of the component USB laf Gadget. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field02/04/2021 06:52 PM02/23/2021 03:05 PM
price_0day$5k-$25k$5k-$25k
vendorLGLG
nameMobile DevicesMobile Devices
version8.0/8.1/9.08.0/8.1/9.0
componentUSB laf GadgetUSB laf Gadget
cwe416 (memory corruption)416 (memory corruption)
risk22
cvss3_vuldb_uiNN
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rcCC
urlhttps://lgsecurity.lge.com/https://lgsecurity.lge.com/
cveCVE-2021-26689CVE-2021-26689
date1612393200 (02/04/2021)1612393200 (02/04/2021)
typeSmartphone Operating SystemSmartphone Operating System
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_avAA
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss3_vuldb_avAA
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_sUU
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss2_vuldb_basescore4.94.9
cvss2_vuldb_tempscore4.94.9
cvss3_vuldb_basescore5.55.5
cvss3_vuldb_tempscore5.55.5
cvss3_meta_basescore5.55.5
cvss3_meta_tempscore5.55.5
cve_assigned1612393200
cve_nvd_summaryAn issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021).

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!