How severe is CVE-2021-0947?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-0947?

This is classified as CWE-909, which is a common weakness in software security.

CVE-2021-0947 - HIGH Severity | CVSS 7.5

Vulnerability Description

The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If this method fails the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required.Product: AndroidVersions: Android SoCAndroid ID: A-236838960

Related Vulnerabilities

CVE-2018-10811

HIGH

CVSS:7.5(High)

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

CWE-9092018

CVE-2018-21247

HIGH

CVSS:7.5(High)

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CWE-9092018

CVE-2019-12408

HIGH

CVSS:7.5(High)

It was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null va...

CWE-9092019

CVE-2019-12410

HIGH

CVSS:7.5(High)

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data ...

CWE-9092019

CVE-2019-16714

HIGH

CVSS:7.5(High)

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

CWE-9092019

CVE-2019-19553

HIGH

CVSS:7.5(High)

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NUL...

CWE-9092019