Vulnerabilities > CVE-2021-0640 - Out-of-bounds Write vulnerability in Google Android 10.0/11.0/9.0

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
google
CWE-787

Summary

In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589

Vulnerable Configurations

Part Description Count
OS
Google
3

Common Weakness Enumeration (CWE)