CVE Vulnerabilities

CVE-2021-39619

Published: Feb 11, 2022 | Modified: Jul 12, 2022
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-197399948

Affected Software

Name Vendor Start Version End Version
Android Google 11.0 (including) 11.0 (including)
Android Google 12.0 (including) 12.0 (including)

References