CVE-2021-39659

MEDIUM

Google Android - Improper Exception Handling

Title source: rule

Description

In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-208267659

References (1)

[Vendor Advisory] https://source.android.com/security/bulletin/2022-01-01

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-755

Status published

Affected Products (3)

google/android

Timeline

Published Jan 14, 2022

Tracked Since Feb 18, 2026