{"id":"ASB-A-160346309","details":"In process of C2SoftHevcDec.cpp, there is a possible out of bounds write due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-160346309","CVE-2021-0335"],"modified":"2026-04-27T15:40:08.012512Z","published":"2021-02-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-02-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0"}],"affected":[{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-02-01"}]}],"versions":["10"],"ecosystem_specific":{"spl":"2021-02-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0"],"severity":"High","types":["ID"],"vanir_signatures":[{"id":"ASB-A-160346309-1b5a82e8","source":"https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0","deprecated":false,"digest":{"length":24773,"function_hash":"156403520066969378917420964670012557434"},"target":{"file":"media/libstagefright/MediaCodec.cpp","function":"MediaCodec::onMessageReceived"},"signature_version":"v1","signature_type":"Function"},{"id":"ASB-A-160346309-c131a565","source":"https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["175518358395606551475236458693082707395","78282875977555182837643111024922754880","128399704599950713485704866834447045607","262751367214178538839473820290977228918","172612780151397525546112545339211743148","319539283947192176157209745994205694467","273248556596186671733519873946649685649","129071999506799661233396358447037667988","319072262300676424023159369269861975789","236629555272760352689175793201997028680","208312891030012485909298532738278861862","79268551593472731336139171829962969841"]},"target":{"file":"media/libstagefright/MediaCodec.cpp"},"signature_version":"v1","signature_type":"Line"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-160346309.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-02-01"}]}],"versions":["11"],"ecosystem_specific":{"spl":"2021-02-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0"],"severity":"High","types":["ID"],"vanir_signatures":[{"id":"ASB-A-160346309-0c2c1a43","source":"https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0","deprecated":false,"digest":{"length":24773,"function_hash":"156403520066969378917420964670012557434"},"target":{"file":"media/libstagefright/MediaCodec.cpp","function":"MediaCodec::onMessageReceived"},"signature_version":"v1","signature_type":"Function"},{"id":"ASB-A-160346309-3aeef053","source":"https://android.googlesource.com/platform/frameworks/av/+/5fe4a516e5f194b03153a9f544b4f79da18c46d0","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["175518358395606551475236458693082707395","78282875977555182837643111024922754880","128399704599950713485704866834447045607","262751367214178538839473820290977228918","172612780151397525546112545339211743148","319539283947192176157209745994205694467","273248556596186671733519873946649685649","129071999506799661233396358447037667988","319072262300676424023159369269861975789","236629555272760352689175793201997028680","208312891030012485909298532738278861862","79268551593472731336139171829962969841"]},"target":{"file":"media/libstagefright/MediaCodec.cpp"},"signature_version":"v1","signature_type":"Line"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-160346309.json"}}],"schema_version":"1.7.5"}