Google Android 11.0/12.0 Parcel.cpp ipcSetDataReference minneskorruption

I Google Android 11.0/12.0 (Smartphone Operating System) har en kritiskt svag punkt upptäckte. Som påverkar funktionen ipcSetDataReference filen Parcel.cpp. Genom att installera en lapp, kan problemet lösas.

Fält15/01/2022 07:4419/01/2022 10:54
cvss2_nvd_aiCC
identifierA-203847542A-203847542
urlhttps://source.android.com/security/bulletin/2022-01-01https://source.android.com/security/bulletin/2022-01-01
namePatchPatch
cveCVE-2021-39620CVE-2021-39620
cve_assigned1629669600 (23/08/2021)1629669600 (23/08/2021)
vendorGoogleGoogle
nameAndroidAndroid
version11.0/12.011.0/12.0
fileParcel.cppParcel.cpp
functionipcSetDataReferenceipcSetDataReference
cwe416 (minneskorruption)416 (minneskorruption)
risk22
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss3_nvd_avLL
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iHH
cvss3_nvd_aHH
cvss2_nvd_avLL
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciCC
cvss2_nvd_iiCC
date1642201200 (15/01/2022)1642201200 (15/01/2022)
typeSmartphone Operating SystemSmartphone Operating System
cvss2_vuldb_avLL
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_auNN
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss2_nvd_basescore7.27.2
cvss3_nvd_basescore7.87.8
cvss2_vuldb_basescore4.64.6
cvss2_vuldb_tempscore4.04.0
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.15.1
cvss3_meta_basescore6.56.5
cvss3_meta_tempscore6.46.4
price_0day$25k-$100k$25k-$100k
price_trend++
cve_nvd_summaryIn ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-203847542

Want to stay up to date on a daily basis?

Enable the mail alert feature now!