CVE-2021-0431

HIGH

Android - Out-of-bounds Read in avrc_msg_cback

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-0431. PoCs published by nanopathi, ShaikUsaf.

AI-analyzed exploit summary This repository contains the Fluoride Bluetooth stack source code from AOSP, including build instructions and documentation. It does not include an exploit PoC but provides the source code for the vulnerable component (CVE-2021-0431).

Description

In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174149901

Exploits (2)

nomisec WRITEUP
by nanopathi · poc
https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2021-0431

This repository contains the Fluoride Bluetooth stack source code from AOSP, including build instructions and documentation. It does not include an exploit PoC but provides the source code for the vulnerable component (CVE-2021-0431).

Classification
Writeup 90%
Attack Type
Other
Complexity
Complex
Reliability
Theoretical
Target: Android Bluetooth stack (Fluoride)
No auth needed
Prerequisites: Access to the vulnerable Bluetooth stack
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WRITEUP
by ShaikUsaf · poc
https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0431

This repository contains the Fluoride Bluetooth stack source code, including build instructions and documentation. It does not include an exploit PoC but provides the source code for the vulnerable component (CVE-2021-0431).

Classification
Writeup 90%
Attack Type
Other
Complexity
Complex
Reliability
Theoretical
Target: Fluoride Bluetooth stack (AOSP10 r33)
No auth needed
Prerequisites: Access to the vulnerable Bluetooth stack
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/2021-04-01

Scores

CVSS v3 7.5
EPSS 0.0171
EPSS Percentile 74.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-125
Status published
Products (4)
google/android 8.1
google/android 9.0
google/android 10.0
google/android 11.0
Published Apr 13, 2021
Tracked Since Feb 18, 2026