CVE-2021-39726

HIGH

Android - Out-of-bounds Read in cd_ParseMsg

Title source: llm
STIX 2.1

Description

In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-181782896References: N/A

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0071
EPSS Percentile 48.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-125
Status published
Products (1)
google/android
Published Mar 16, 2022
Tracked Since Feb 18, 2026