An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:HGoogle Android
OSGoogle10.011.0Samsung Exynos
HWSamsungwszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Powiązane podatności
CVE-2020-16010CRITICAL9.6⚠ KEVten sam produkt
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who ha...
CVE-2016-1019CRITICAL9.8⚠ KEVten sam produkt
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application cr...
CVE-2026-13851CRITICAL9.1ten sam produkt
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...
CVE-2026-13852CRITICAL9.1ten sam produkt
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...
CVE-2026-14106CRITICAL9.6ten sam produkt
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed ...