← back
CVE-2021-1048

CVE-2021-1048

CVSS 7.8 HIGHEPSS 1.0%● KEVCWE-416
In short

A flaw in Android's event polling system allows an attacker to corrupt memory by accessing freed data, potentially gaining elevated privileges on the device without needing special permissions or user interaction.

Technical detail

CVE-2021-1048 exploits a use-after-free vulnerability (CWE-416) in ep_loop_check_proc within eventpoll.c, allowing local privilege escalation. The vulnerability requires no additional execution privileges or user interaction; an unprivileged local process can trigger memory corruption by manipulating eventpoll structures after they have been freed.

Summary generated and translated by AI from the official description.
In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · Android

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://source.android.com/security/bulletin/2021-11-01https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-1048