Exploitation Summary
EIP tracks 1 public exploit for CVE-2021-0332. PoCs published by Satheesh575555.
AI-analyzed exploit summary This repository contains functional exploit code for CVE-2021-0332, a vulnerability in Android's frameworks/native component. The code includes modified versions of system commands (e.g., atrace, bugreport) that demonstrate the exploit, likely involving privilege escalation or arbitrary code execution in the context of system services.
Description
In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-169256435
Exploits (1)
This repository contains functional exploit code for CVE-2021-0332, a vulnerability in Android's frameworks/native component. The code includes modified versions of system commands (e.g., atrace, bugreport) that demonstrate the exploit, likely involving privilege escalation or arbitrary code execution in the context of system services.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H