CVE-2021-0874 – This CVE describes an integer overflow vulnerab... (How to Fix)

Q: What is the severity of CVE-2021-0874?

CVE-2021-0874 has a CVSS score of 7.8 (HIGH). This CVE describes an integer overflow vulnerability in the PowerVR kernel driver on Android devices. It allows local attackers to gain escalated privileges without user interaction by exploiting missing size checks that lead to out-of-bounds heap access. This affects Android devices using PowerVR graphics hardware.

📋 TL;DR

This CVE describes an integer overflow vulnerability in the PowerVR kernel driver on Android devices. It allows local attackers to gain escalated privileges without user interaction by exploiting missing size checks that lead to out-of-bounds heap access. This affects Android devices using PowerVR graphics hardware.

💻 Affected Systems

Products:

Android devices with PowerVR graphics hardware

Versions: Android versions with vulnerable PowerVR kernel driver (specific versions not detailed in CVE)

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Affects Android System-on-Chip (SoC) implementations using PowerVR graphics. Requires specific hardware/driver combination.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full device compromise with kernel-level access, allowing installation of persistent malware, data theft, and complete system control.

🟠

Likely Case

Local privilege escalation enabling attackers to bypass security restrictions, access sensitive data, and install malicious applications.

🟢

If Mitigated

Limited impact with proper patch management and security controls in place, though still a serious local vulnerability.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to the device.

🏢 Internal Only: HIGH - Malicious apps or users with physical access could exploit this to gain elevated privileges on affected devices.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and knowledge of kernel memory layout. No user interaction needed for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security updates from April 2023 onward

Vendor Advisory: https://source.android.com/security/bulletin/2023-04-01

Restart Required: Yes

Instructions:

1. Apply Android security updates from April 2023 or later. 2. Update device firmware through manufacturer channels. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict local app installation

android

Limit installation of untrusted applications to reduce attack surface

adb shell settings put secure install_non_market_apps 0

🧯 If You Can't Patch

Isolate affected devices from sensitive networks and data
Implement strict application whitelisting and monitoring

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level (Settings > About phone > Android security patch level) - if before April 2023, likely vulnerable

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Android security patch level is April 2023 or later

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Unusual privilege escalation attempts in system logs
SELinux/AppArmor denials related to PowerVR driver

Network Indicators:

Not applicable - local vulnerability

SIEM Query:

source="android_system" AND ("PowerVR" OR "PVRSRV" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2021-0874

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-190

Published: April 19, 2023

Last Updated: February 5, 2025

🔗 References

https://source.android.com/security/bulletin/2023-04-01 Vendor Advisory
https://source.android.com/security/bulletin/2023-04-01 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-0874, you might also want to check these: