CVE-2021-0313

HIGH

Android 8.0-11 - Denial of Service in LayoutUtils.cpp Word Break Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-0313. PoCs published by Satheesh575555.

AI-analyzed exploit summary This repository contains detailed documentation and source code related to the Minikin framework, specifically focusing on the hyphenation tool and file format. It includes technical explanations of the hyb file format and Minikin's style guide, but lacks functional exploit code for CVE-2021-0313.

Description

In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514.

Exploits (1)

nomisec WRITEUP
by Satheesh575555 · poc
https://github.com/Satheesh575555/frameworks_minikin_AOSP10_r33_CVE-2021-0313

This repository contains detailed documentation and source code related to the Minikin framework, specifically focusing on the hyphenation tool and file format. It includes technical explanations of the hyb file format and Minikin's style guide, but lacks functional exploit code for CVE-2021-0313.

Classification
Writeup 90%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Android Minikin framework (AOSP10 r33)
No auth needed
Prerequisites: Access to the target system's Minikin framework
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2021-01-01

Scores

CVSS v3 7.5
EPSS 0.0168
EPSS Percentile 73.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (5)
google/android 8.0
google/android 8.1
google/android 9.0
google/android 10.0
google/android 11.0
Published Jan 11, 2021
Tracked Since Feb 18, 2026