Headline
CVE-2021-39767: Android 12L Security Release Notes | Android Open Source Project
In miniadb, there is a possible way to get read/write access to recovery system properties due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201308542
Published February 22, 2022
This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 12L. Android 12L devices with a security patch level of 2022-03-01 or later are protected against these issues (Android 12L, as released on AOSP, will have a default security patch level of 2022-03-01). To learn how to check a device’s security patch level, see Check and update your Android version.
Android partners are notified of all issues prior to publication. Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository as part of the Android 12L release.
The severity assessment of issues in these release notes are based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.
We have had no reports of active customer exploitation or abuse of these newly reported issues. Refer to the Android and Google Play Protect mitigations section for details on the Android security platform protections and Google Play Protect, which improve the security of the Android platform.
Announcements
- The issues described in this document are addressed as part of Android 12L. This information is provided for reference and transparency.
- We would like to acknowledge and thank the security research community for their continued contributions towards securing the Android ecosystem.
Android and Google service mitigations
This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.
- Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.
- The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications. Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.
Android 12L vulnerability details
The sections below provide details for security vulnerabilities fixed as part of Android 12L. Vulnerabilities are grouped under the component that they affect and include details such as the CVE, associated references, type of vulnerability, and severity.
Framework
CVE
References
Type
Severity
CVE-2021-39749
A-205996115
EoP
High
CVE-2021-39743
A-201534884
EoP
Moderate
CVE-2021-39746
A-194696395
EoP
Moderate
CVE-2021-39750
A-206474016
EoP
Moderate
CVE-2021-39752
A-202756848
EoP
Moderate
CVE-2021-39758
A-205130886
EoP
Moderate
CVE-2022-20002
A-198657657
EoP
Moderate
CVE-2021-39744
A-192369136
ID
Moderate
CVE-2021-39745
A-206127671
ID
Moderate
CVE-2021-39747
A-208268457
ID
Moderate
CVE-2021-39748
A-203777141
ID
Moderate
CVE-2021-39751
A-172838801
ID
Moderate
CVE-2021-39753
A-200035185
ID
Moderate
CVE-2021-39755
A-204995407
ID
Moderate
CVE-2021-39756
A-184354287
ID
Moderate
CVE-2021-39757
A-176094662
ID
Moderate
CVE-2021-39754
A-207133709
ID
Moderate
Media Framework
CVE
References
Type
Severity
CVE-2021-39759
A-180200830
EoP
Moderate
CVE-2021-39760
A-194110526
ID
Moderate
CVE-2021-39761
A-179783181
ID
Moderate
CVE-2021-39762
A-210625816
ID
Moderate
Platform
CVE
References
Type
Severity
CVE-2021-39741
A-173567719
EoP
Moderate
CVE-2021-39763
A-199176115
EoP
Moderate
CVE-2021-39764
A-170642995
EoP
Moderate
CVE-2021-39767
A-201308542
EoP
Moderate
CVE-2021-39768
A-202017876
EoP
Moderate
CVE-2021-39771
A-198661951
EoP
Moderate
CVE-2021-25393
A-180518134
ID
Moderate
CVE-2021-39739
A-184525194
ID
Moderate
CVE-2021-39740
A-209965112
ID
Moderate
CVE-2021-39742
A-186405602
ID
Moderate
CVE-2021-39765
A-201535427
ID
Moderate
CVE-2021-39766
A-198296421
ID
Moderate
CVE-2021-39769
A-193663287
ID
Moderate
CVE-2021-39770
A-193033501
ID
Moderate
System
CVE
References
Type
Severity
CVE-2021-39776
A-192614125
EoP
High
CVE-2021-39787
A-202506934
EoP
High
CVE-2021-39772
A-181962322
EoP
Moderate
CVE-2021-39780
A-204992293
EoP
Moderate
CVE-2021-39781
A-195311502
EoP
Moderate
CVE-2021-39782
A-202760015
EoP
Moderate
CVE-2021-39783
A-197960597
EoP
Moderate
CVE-2021-39784
A-200163477
EoP
Moderate
CVE-2021-39786
A-192551247
EoP
Moderate
CVE-2021-39789
A-203880906
EoP
Moderate
CVE-2021-39790
A-186405146
EoP
Moderate
CVE-2021-39773
A-191276656
ID
Moderate
CVE-2021-39775
A-206465854
ID
Moderate
CVE-2021-39777
A-194743207
ID
Moderate
CVE-2021-39778
A-196406138
ID
Moderate
CVE-2021-39779
A-190400974
ID
Moderate
CVE-2021-39788
A-191768014
ID
Moderate
CVE-2021-39791
A-194112606
ID
Moderate
CVE-2021-39774
A-205989472
DoS
Moderate
Additional Vulnerability details
The section below provides details for security vulnerabilities that are being provided for disclosure purposes. These issues are not required for SPL compliance.
Android TV
CVE
References
Type
Severity
CVE-2021-1000
A-185190688
EoP
Moderate
CVE-2021-1033
A-185247656
EoP
Moderate
Common questions and answers
This section answers common questions that may occur after reading this bulletin.
1. How do I determine if my device is updated to address these issues?
To learn how to check a device’s security patch level, see Check and update your Android version.
Android 12L, as released on AOSP, has a default security patch level of 2022-03-01. Android devices running Android 12L and with a security patch level of 2022-03-01 or later address all issues contained in these security release notes.
2. What do the entries in the Type column mean?
Entries in the Type column of the vulnerability details table reference the classification of the security vulnerability.
Abbreviation
Definition
RCE
Remote code execution
EoP
Elevation of privilege
ID
Information disclosure
DoS
Denial of service
N/A
Classification not available
3. What do the entries in the References column mean?
Entries under the References column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs.
Prefix
Reference
A-
Android bug ID
Versions
Version
Date
Notes
1.0
February 22, 2022
Security Release Notes Published
Related news
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
Uncaptured exceptions in the home screen module. Successful exploitation of this vulnerability may affect stability.
In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242344778
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.