{"id":"ASB-A-189824175", "published":"2021-11-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2021-0927", "A-189824175"], "details":"In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":":unknown:", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"8.1:0"}, {"fixed":"8.1:2021-11-05"}]}], "versions":["8.1"], "ecosystem_specific":{"severity":"High", "spl":"2021-11-05", "types":["EoP"]}}, {"package":{"name":":unknown:", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-11-05"}]}], "versions":["9"], "ecosystem_specific":{"severity":"High", "spl":"2021-11-05", "types":["EoP"]}}, {"package":{"name":":unknown:", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-11-05"}]}], "versions":["10"], "ecosystem_specific":{"severity":"High", "spl":"2021-11-05", "types":["EoP"]}}, {"package":{"name":":unknown:", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-11-05"}]}], "versions":["11"], "ecosystem_specific":{"severity":"High", "spl":"2021-11-05", "types":["EoP"]}}, {"package":{"name":":unknown:", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2021-11-05"}]}], "versions":["12"], "ecosystem_specific":{"severity":"High", "spl":"2021-11-05", "types":["EoP"]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-11-01"}]}