Lucene search
Google_androidCVE-2021-0948HistoryJul 13, 2023 - 12:15 a.m.
CVE-2021-0948
2023-07-1300:15:23
CWE-908
google_android
web.nvd.nist.gov
17
cve-2021-0948
pvrsrvbridgegetmulticoreinfo
powervr
kernel driver
uninitialized memory
user space
sensitive information
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0
Percentile
9.0%
The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information.
Affected configurations
Node
googleandroidMatch-
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android SoC"
}
]
}
]Related
cvelist
cvelist
CVE-2021-0948
2023-07-12 23:16:21
prion
prion
Information disclosure
2023-07-13 00:15:00
nvd
nvd
CVE-2021-0948
2023-07-13 00:15:23
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2021-0948