CVE-2021-0313

2021-01-1121:48:30

google_android

www.cve.org

android

textview

denial of service

input validation

remote

exploitation

EPSS

0.001

Percentile

42.2%

JSON

In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514.

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android-9"
      },
      {
        "status": "affected",
        "version": "Android-10"
      },
      {
        "status": "affected",
        "version": "Android-11"
      },
      {
        "status": "affected",
        "version": "Android-8.0"
      },
      {
        "status": "affected",
        "version": "Android-8.1"
      }
    ]
  }
]

References

source.android.com/security/bulletin/2021-01-01

EPSS

0.001

Percentile

42.2%

JSON

Related for CVELIST:CVE-2021-0313