{"id":"ASB-A-200041882","details":"In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-200041882","CVE-2021-0958"],"modified":"2026-04-22T14:59:17.843400Z","published":"2021-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-12-01"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-12-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"Moderate","fixes":["https://android.googlesource.com/platform/frameworks/base/+/395e56a71c87d3748ca280f235da04983069de87"],"vanir_signatures":[{"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/395e56a71c87d3748ca280f235da04983069de87","digest":{"threshold":0.9,"line_hashes":["63895250717123420297641002273223874522","294427128970106098263378810741973477276","23689469084458467884454099246961428641","40041369669208508251054985713600028717","131870776960916423165309979218873857527","165667409842384484697599484314191813961","60667836659051868458743621757815902733","138454790325154849922723629197758925444","87840694837720250126470788888092372476","282075926108188103215179853131176140115","299731467647186736247268646746127089844","237140856347092246524592409619848551498","149333264088716534671752851807630786910","195609456339659767324711824689363829782","237240001580756078276369380452826233184","303825875427489110825298158308078487847","267213603705728191936035718912155610927","89158044670599540970050132598645846821"]},"signature_version":"v1","deprecated":false,"target":{"file":"keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java"},"id":"ASB-A-200041882-1373a5d6"},{"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/395e56a71c87d3748ca280f235da04983069de87","digest":{"length":1777,"function_hash":"287817583073348075063627018514464567696"},"signature_version":"v1","deprecated":false,"target":{"function":"update","file":"keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java"},"id":"ASB-A-200041882-ce16c9f3"}],"types":["DoS"],"spl":"2021-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-200041882.json"}},{"package":{"name":"platform/system/security","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2021-12-01"}]}],"versions":["12"],"ecosystem_specific":{"severity":"Moderate","fixes":["https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3"],"vanir_signatures":[{"signature_type":"Line","source":"https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3","digest":{"threshold":0.9,"line_hashes":["296247381615706207940344218873979561406","117914632088309752997507968849196862561","296127060522419971491214502692124512607","289605831318439964476066516728869475390","246677525376236764731752077701042705914","275394212812749307118547474173493168246","150743742270153775574323177774337554644","14510788412777461895624544256531122542","270108042523112881788052144010558101792","43914366029301982099248993372225136363","92304254268092578088067572760309488687","165331501407977169918564501036867129372","172646350780875746062336910881553966872","156320583609609716048373255473262654500","188464575262330323982702135274694293938","186648026298976972473366559225974820210","26297471291680814041470058232411228257","183477435670545106904388353096335975001","96571061197215787766419045033778474359","232758056508553985081029411056760457141","219007454539755862411747402571348049678","262132622474183740545779879592993130885"]},"signature_version":"v1","deprecated":false,"target":{"file":"keystore2/src/km_compat/km_compat.cpp"},"id":"ASB-A-200041882-5a27b434"},{"signature_type":"Line","source":"https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3","digest":{"threshold":0.9,"line_hashes":["191457518975892954429420437395054367537","55921400531954652432818226400380192261","294121662116713340914746920978361905691","263450118387933674872164299383355782964","116462961127653278057920658998514115935","221906624880504727863042671492829109410","298415771029044292149912867544885778593","135496493869402731336487378667975788889","160535297822301536978066717815325024760","217928048407434328421568135233871840142","75766592965099032473761074138347594446"]},"signature_version":"v1","deprecated":false,"target":{"file":"keystore2/src/km_compat/km_compat.h"},"id":"ASB-A-200041882-e79739a5"},{"signature_type":"Function","source":"https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3","digest":{"length":894,"function_hash":"82284854177447888888080578493938680824"},"signature_version":"v1","deprecated":false,"target":{"function":"KeyMintOperation::update","file":"keystore2/src/km_compat/km_compat.cpp"},"id":"ASB-A-200041882-f697c9d1"}],"types":["DoS"],"spl":"2021-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-200041882.json"}}],"schema_version":"1.7.5"}