5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.6%
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
android.googlesource.com/platform/frameworks/av/+/14937e01950dc4bce459c18fca9ef13dd3db5f8f
android.googlesource.com/platform/hardware/interfaces/+/2658c0da40fabf8fff9a765ebd5c5b293c4b57e8
source.android.com/security/bulletin/2021-04-01