Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistGoogle_androidCVELIST:CVE-2021-0966
HistoryDec 15, 2021 - 6:05 p.m.

CVE-2021-0966

2021-12-1518:05:48
google_android
www.cve.org
4
android
information disclosure
uninitialized memory

AI Score

5.5

Confidence

High

EPSS

0

Percentile

5.1%

JSON

In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-198346478

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android-11 Android-12"
      }
    ]
  }
]

Related

prion 1
osv 1
cnvd 1
cve 1
nvd 1
prion
prion
Information disclosure
2021-12-15 19:15:00
osv
osv
[AIDL] uninitialized memory reads with C++ enum values in bundles [unverified]
2021-12-01 00:00:00
cnvd
cnvd
Google Android Information Disclosure Vulnerability (CNVD-2021-101960)
2021-12-22 00:00:00
cve
cve
CVE-2021-0966
2021-12-15 19:15:11
nvd
nvd
CVE-2021-0966
2021-12-15 19:15:11

AI Score

5.5

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2021-0966
prion1osv1cnvd1cve1nvd1