ASB-A-150371903 — Vulnetix

ASB-A-150371903 PUBLISHED CVSS 8.600000381469727 HIGH

In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS v4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
platform	frameworks/native	10:0, 10, 10:0
platform	system/netd	10:0, 10, 10:0

Timeline

Dec 1, 2020 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2020-12-01 advisory
https://android.googlesource.com/platform/system/netd/+/e1ec3b167754930d4d87b48414f9d707554a02f0 patch
https://android.googlesource.com/platform/frameworks/native/+/f1cf6a632da354cff3d8aed54913e1ee2909908e patch

Open in Interactive Console →