CVE-2021-0342

CVSS v3.1 6.7 (Medium)

CVSS v2.0 4.6 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 17

In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Android ID: A-146554327.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: Android (associated with Google Inc. or Open Handset Alliance)
Published Date: 2021-01-11 21:15:13
(3 years ago)
Updated Date: 2021-01-13 16:50:50
(3 years ago)

Affected Products

Google

Android

Configuration #1

		CPE23	From	Up To
	Google Android	cpe:2.3:o:google:android:-