{"id":"ASB-A-189942532", "published":"2021-12-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2021-0956", "A-189942532"], "details":"In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additionalSystem execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/apps/Nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-12-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/Nfc/+/7d90cc6e0556057571f9fde9785dd0658c1a3eb0"], "severity":"Critical", "spl":"2021-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["148383999050039299697949776434268375082", "15232978209917973695074134890878487282", "56809383103612786793670931461113421183", "255707818437162516059165103186273512609", "30747700971641059955489031061072886726", "319000633780742426535836983973396525321", "320179138657375371631415970276618416767", "139669197528390015241156794766235983555", "50682557065575578825218165840665105411"], "threshold":0.9}, "id":"ASB-A-189942532-0cdbcd58", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Nfc/+/7d90cc6e0556057571f9fde9785dd0658c1a3eb0", "target":{"file":"nci/jni/NfcTag.cpp"}}, {"deprecated":false, "digest":{"function_hash":"47086027144169610795673628513659128031", "length":4656}, "id":"ASB-A-189942532-a06c7065", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Nfc/+/7d90cc6e0556057571f9fde9785dd0658c1a3eb0", "target":{"file":"nci/jni/NfcTag.cpp", "function":"NfcTag::discoverTechnologies"}}]}}, {"package":{"name":"platform/packages/apps/Nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2021-12-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/Nfc/+/7d90cc6e0556057571f9fde9785dd0658c1a3eb0"], "severity":"Critical", "spl":"2021-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"47086027144169610795673628513659128031", "length":4656}, "id":"ASB-A-189942532-0230fc70", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Nfc/+/7d90cc6e0556057571f9fde9785dd0658c1a3eb0", "target":{"file":"nci/jni/NfcTag.cpp", "function":"NfcTag::discoverTechnologies"}}, {"deprecated":false, "digest":{"line_hashes":["148383999050039299697949776434268375082", "15232978209917973695074134890878487282", "56809383103612786793670931461113421183", "255707818437162516059165103186273512609", "30747700971641059955489031061072886726", "319000633780742426535836983973396525321", "320179138657375371631415970276618416767", "139669197528390015241156794766235983555", "50682557065575578825218165840665105411"], "threshold":0.9}, "id":"ASB-A-189942532-6addc6cd", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Nfc/+/7d90cc6e0556057571f9fde9785dd0658c1a3eb0", "target":{"file":"nci/jni/NfcTag.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-12-01"}]}