{"id":"ASB-A-188554048","details":"In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-188554048","CVE-2021-0691"],"modified":"2026-04-17T15:55:28.020024Z","published":"2021-09-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-09-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/sepolicy/+/972b000898a21a9b9eb43d209246dc671b3d815b"}],"affected":[{"package":{"name":"platform/system/sepolicy","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-09-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"Moderate","types":["EoP"],"fixes":["https://android.googlesource.com/platform/system/sepolicy/+/16b7d5d829bf2c457e230ccb328c69f33e6e031b"],"spl":"2021-09-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-188554048.json"}}],"schema_version":"1.7.5"}