{"id":"ASB-A-187957589", "published":"2021-08-01T00:00:00Z", "modified":"2026-06-12T15:08:17.296522730Z", "aliases":["CVE-2021-0640", "A-187957589"], "details":"In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-08-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/7f9b0a9fb0f5f1fff9243af7472f0a25cf7af23e"], "severity":"High", "spl":"2021-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["218310578500860490201991856156648074464", "128334360977750043425148833435883507242", "281155686375625775178797248971093424426", "306409085174042533954256400091166333161"], "threshold":0.9}, "id":"ASB-A-187957589-d540ce13", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/7f9b0a9fb0f5f1fff9243af7472f0a25cf7af23e", "target":{"file":"cmds/statsd/src/guardrail/StatsdStats.cpp"}}, {"deprecated":false, "digest":{"function_hash":"212623113113335101165880882464320555763", "length":265}, "id":"ASB-A-187957589-f61f8556", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/7f9b0a9fb0f5f1fff9243af7472f0a25cf7af23e", "target":{"file":"cmds/statsd/src/guardrail/StatsdStats.cpp", "function":"StatsdStats::noteAtomLogged"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-08-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b13b741a94a3d1fc85277de22644c62778bd3adc"], "severity":"High", "spl":"2021-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"16692253331091255899339569695148445352", "length":337}, "id":"ASB-A-187957589-a1b7500b", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b13b741a94a3d1fc85277de22644c62778bd3adc", "target":{"file":"cmds/statsd/src/guardrail/StatsdStats.cpp", "function":"StatsdStats::noteAtomLogged"}}, {"deprecated":false, "digest":{"line_hashes":["233745843382189759821355327949684258202", "290326730571959422592367587925063738855", "76205152548751388425430597755509979065", "183090020580011612459726398641070241911", "82802511456297941982137811718988298212", "250979201520337539637457224109691230305"], "threshold":0.9}, "id":"ASB-A-187957589-c98e7ea9", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b13b741a94a3d1fc85277de22644c62778bd3adc", "target":{"file":"cmds/statsd/src/guardrail/StatsdStats.cpp"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-08-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/cc0bba36c7c326e2fb75f1531547d2ed861d392c"], "severity":"High", "spl":"2021-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"334978686990845983360367193933320524345", "length":318}, "id":"ASB-A-187957589-167b3202", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/cc0bba36c7c326e2fb75f1531547d2ed861d392c", "target":{"file":"cmds/statsd/src/guardrail/StatsdStats.cpp", "function":"StatsdStats::noteAtomLogged"}}, {"deprecated":false, "digest":{"line_hashes":["286429898787765940536258522979636683682", "67407610229995922092322167304233295542", "42689763493395915227063805515031163171", "73263904811897422185702818048666410956", "82802511456297941982137811718988298212", "250979201520337539637457224109691230305"], "threshold":0.9}, "id":"ASB-A-187957589-44902f22", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/cc0bba36c7c326e2fb75f1531547d2ed861d392c", "target":{"file":"cmds/statsd/src/guardrail/StatsdStats.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-08-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/fbe5177bd5d704dabf434458649fd93a07d8d654"}]}