{"id":"ASB-A-174302616", "published":"2021-05-01T00:00:00Z", "modified":"2026-06-18T15:04:46.258745422Z", "aliases":["CVE-2021-0485", "A-174302616"], "details":"In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of restrictions on background processes due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-05-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441"], "severity":"High", "spl":"2021-05-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"106201601010299145585447321464861678273", "length":251}, "id":"ASB-A-174302616-0c59c1cb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441", "target":{"file":"packages/SystemUI/src/com/android/systemui/pip/PipTaskOrganizer.java", "function":"getMinimalSize"}}, {"deprecated":false, "digest":{"function_hash":"38270790604965674303231817038993593383", "length":623}, "id":"ASB-A-174302616-38b2a866", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441", "target":{"file":"packages/SystemUI/src/com/android/systemui/pip/PipTaskOrganizer.java", "function":"PipTaskOrganizer"}}, {"deprecated":false, "digest":{"line_hashes":["29423217611525036359366842984240799869", "260836352169657055896056881854618202853", "74046802530112980557606519752672990267", "202103378685570828381906692132500514453", "127532565344631251922900014984402553205", "279668657787672416944238137887772574359", "314849036492053437374114127825960437279", "159394261980478723164312727262794516839", "105158130817451219931314261434466208045", "337360107215965921915790033944722334371", "286298943190374247481558240908275313816", "160160188110895454978245210431843381470", "20382678865945742883966417935566373972", "326562095577746172990329223450046278177", "156246733889041436681599665204314047732", "253210455020553412915312729508445722267"], "threshold":0.9}, "id":"ASB-A-174302616-3a89798a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441", "target":{"file":"packages/SystemUI/src/com/android/systemui/pip/PipTaskOrganizer.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-05-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/aad7fdc4f82ad56e332d3c23c5d07719e069b099"}]}