{"id":"ASB-A-192085766","details":"In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-192085766","CVE-2021-0955"],"modified":"2026-05-27T15:53:17.428190120Z","published":"2021-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-12-01"}],"affected":[{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-12-01"}]}],"versions":["11"],"ecosystem_specific":{"spl":"2021-12-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9b7488a6ab3f4c8f5cfc30ff7d04a972643c1ff9"],"severity":"High","vanir_signatures":[{"signature_type":"Function","id":"ASB-A-192085766-555f3750","signature_version":"v1","digest":{"length":589,"function_hash":"192019583326987785727405191115202404923"},"source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9b7488a6ab3f4c8f5cfc30ff7d04a972643c1ff9","target":{"function":"pf_write_buf","file":"jni/FuseDaemon.cpp"},"deprecated":false},{"signature_type":"Line","id":"ASB-A-192085766-891c0d00","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["63062175104087424415549573778864761467","231680940865405488345224561359528259172","273123602092719675722700568352747148168","29991220791276618583071092840987293896","196368252258504179421192806773538706037"]},"target":{"file":"jni/FuseDaemon.cpp"},"source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9b7488a6ab3f4c8f5cfc30ff7d04a972643c1ff9","deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-192085766.json"}}],"schema_version":"1.7.5"}