CVE-2021-1008

In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-1008

CVE-2021-1008 affects Android 12; the issue is in addSubInfo of SubscriptionController.java, described as a logic error that could force a factory reset, yielding local denial of service with system privileges. Exploitation is stated as possible without user interaction. Connected documents corro...

Google Android SubscriptionController.java information disclosure vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA. Google Android SubscriptionController.java is vulnerable to information disclosure and can be exploited by attackers to obtain sensitive information...

ASB-A-185235454

In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...

Google Android 安全漏洞

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA. Google Android SubscriptionController.java is vulnerable to information disclosure and can be exploited by attackers to obtain sensitive information...