First published: Mon Jun 05 2023(Updated: )
In _PMRCreate of the PowerVR kernel driver, a missing bounds check means it is possible to overwrite heap memory via PhysmemNewRamBackedPMR. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Credit: security@android.com security@android.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-0945 is a vulnerability in the PowerVR kernel driver that allows for the possibility of overwriting heap memory via PhysmemNewRamBackedPMR.
CVE-2021-0945 has a severity rating of 9.8, which is considered critical.
No, user interaction is not needed for the exploitation of CVE-2021-0945.
The affected software for CVE-2021-0945 is Google Android.
To fix CVE-2021-0945, it is recommended to apply the necessary security patches provided by Google for the affected Android devices.