2 matches found
CVE-2021-39680
In secSHA256Transform of sha256core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2021-39680
CVE-2021-39680 affects the Android kernel, with the flaw located in sec_SHA256_Transform within sha256_core.c. The issue allows reading heap data due to uninitialized data, enabling local information disclosure with system privileges. Exploitation does not require user interaction. The vulnerabil...