CVE-2021-0936:Use-after-free vulnerability in Android kernel's f_accessory.c leading to local privilege escalation

splash
Back

Description Preview

A use-after-free vulnerability was discovered in the acc_read function of f_accessory.c in the Android kernel. This vulnerability could allow a local attacker to corrupt memory, potentially leading to local privilege escalation. The issue occurs when previously freed memory is accessed, creating a condition where memory corruption can occur. No additional execution privileges are required for exploitation, and user interaction is not needed.

Overview

CVE-2021-0936 is a use-after-free vulnerability (CWE-416) in the Android kernel's USB accessory functionality. The vulnerable code exists in the acc_read function within f_accessory.c. When exploited, an attacker can cause memory corruption by accessing memory after it has been freed, which could lead to privilege escalation on the affected device. This vulnerability is particularly concerning because it requires no user interaction and can be exploited by a local attacker without needing additional execution privileges. The issue affects various Android devices and was addressed in the October 2021 Pixel security update.

Remediation

To mitigate this vulnerability, users should:

  1. Update affected Android devices to the latest available security patch level, specifically the October 2021 security update or later.
  2. For Pixel device owners, ensure the October 2021 Pixel security update is installed.
  3. For other Android device manufacturers, check with the vendor for availability of security patches addressing this issue.
  4. System administrators managing Android enterprise deployments should prioritize this update, as local privilege escalation vulnerabilities can be leveraged in multi-stage attacks.
  5. If updates are not available, consider limiting physical access to affected devices and restricting installation of untrusted applications.

References

  1. Android Security Bulletin - Pixel Update Bulletin - October 2021: https://source.android.com/security/bulletin/pixel/2021-10-01
  2. CWE-416: Use After Free: https://cwe.mitre.org/data/definitions/416.html
  3. Android Security Vulnerability ID: A-173789633
  4. The issue was also addressed in the upstream Linux kernel

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services
    Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  4. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  5. Construction
    Construction
  6. Educational Services
    Educational Services
  7. Finance and Insurance
    Finance and Insurance
  8. Health Care & Social Assistance
    Health Care & Social Assistance
  9. Information
    Information
  10. Management of Companies & Enterprises
    Management of Companies & Enterprises
  11. Manufacturing
    Manufacturing
  12. Mining
    Mining
  13. Other Services (except Public Administration)
    Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  15. Public Administration
    Public Administration
  16. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  17. Retail Trade
    Retail Trade
  18. Transportation & Warehousing
    Transportation & Warehousing
  19. Utilities
    Utilities
  20. Wholesale Trade
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background
Armis Vulnerability Intelligence Database