CVE-2021-39803: Use After Free
First published: Mon Apr 04 2022(Updated: )
In ~Impl of C2AllocatorIon.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-193790350
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | =10.0 | |
| Google Android | =11.0 | |
| Google Android | =12.0 | |
| Google Android | =12.1 | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2021-39803.
What is the severity of CVE-2021-39803?
The severity of CVE-2021-39803 is high.
How can this vulnerability be exploited?
This vulnerability can be exploited through user interaction and can lead to remote information disclosure.
Which versions of Android are affected by CVE-2021-39803?
Versions Android-10, Android-11, Android-12, and Android-12.1 are affected by CVE-2021-39803.
Are there any references available for CVE-2021-39803?
Yes, references for CVE-2021-39803 can be found at the following links: [Link1], [Link2], [Link3].
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/description
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google android
- version/google android/10.0
- version/google android/11.0
- version/google android/12.0
- version/google android/12.1