{"id":"ASB-A-178725766", "published":"2021-04-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2021-0430", "A-178725766"], "details":"In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/system/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-04-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/nfc/+/147b052f8456872081c18af85573eeb186c6efc2"], "severity":"Critical", "spl":"2021-04-01", "types":["RCE"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["96286498381106398995438837450991210433", "231417792723668579429895987669067954210", "28365524993106854423848162659127831792", "275234176995760180664424792344073227614", "11447692766712693790054707364558551516", "306605473653864100108542188896959042454", "116294950756372123268645695692917584504", "1728836358333267538862092116975887264", "38864337599114862581871324515683262523", "35506126056635191120134123765526725509", "274252804568141548430669211576527300341", "114264929086978254196707874989496860201", "193917498940285634015113041391721839910", "269007645675242652289343423548548410051", "251011635336640036980823830930925547522", "318085585267862951496864666866506085406", "32116902297251921444930698209727560727", "323205392654266556555657332387270785766"], "threshold":0.9}, "id":"ASB-A-178725766-74e55351", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/nfc/+/147b052f8456872081c18af85573eeb186c6efc2", "target":{"file":"src/nfc/tags/rw_mfc.cc"}}, {"deprecated":false, "digest":{"function_hash":"56645022171651191069229893407278072538", "length":1392}, "id":"ASB-A-178725766-b39d9135", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/nfc/+/147b052f8456872081c18af85573eeb186c6efc2", "target":{"file":"src/nfc/tags/rw_mfc.cc", "function":"rw_mfc_handle_read_op"}}]}}, {"package":{"name":"platform/system/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-04-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/nfc/+/147b052f8456872081c18af85573eeb186c6efc2"], "severity":"Critical", "spl":"2021-04-01", "types":["RCE"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["96286498381106398995438837450991210433", "231417792723668579429895987669067954210", "28365524993106854423848162659127831792", "275234176995760180664424792344073227614", "11447692766712693790054707364558551516", "306605473653864100108542188896959042454", "116294950756372123268645695692917584504", "1728836358333267538862092116975887264", "38864337599114862581871324515683262523", "35506126056635191120134123765526725509", "274252804568141548430669211576527300341", "114264929086978254196707874989496860201", "193917498940285634015113041391721839910", "269007645675242652289343423548548410051", "251011635336640036980823830930925547522", "318085585267862951496864666866506085406", "32116902297251921444930698209727560727", "323205392654266556555657332387270785766"], "threshold":0.9}, "id":"ASB-A-178725766-922292c7", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/nfc/+/147b052f8456872081c18af85573eeb186c6efc2", "target":{"file":"src/nfc/tags/rw_mfc.cc"}}, {"deprecated":false, "digest":{"function_hash":"56645022171651191069229893407278072538", "length":1392}, "id":"ASB-A-178725766-983c469a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/nfc/+/147b052f8456872081c18af85573eeb186c6efc2", "target":{"file":"src/nfc/tags/rw_mfc.cc", "function":"rw_mfc_handle_read_op"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-04-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/system/nfc/+/02f7762236890ce05385ccd19bfaf9821cba9e2e"}]}