CVE-2021-1921Time-of-check Time-of-use (TOCTOU) Race Condition in Google Android

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition3 documents3 sources
Severity
7.0HIGHNVD
EPSS
0.0%
top 91.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedNov 12
Latest updateMay 24

Description

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-8wpq-w3g7-g8cr: Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Com2022-05-24

📋Vendor Advisories

1
Android
CVE-2021-1921: Closed-source component2021-11-01
CVE-2021-1921 — Google Android vulnerability | cvebase