2 matches found
CVE-2021-1027
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a privileged process due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-1027
CVE-2021-1027 affects Android 12, specifically the SurfaceFlinger component during setTransactionState. The root cause is improper casting in SurfaceFlinger that can allow arbitrary code execution in a privileged process, leading to local elevation of privilege with no extra execution privileges ...