CVE-2021-0955 – This CVE describes a race condition vulnerabili... (How to Fix)

Q: What is the severity of CVE-2021-0955?

CVE-2021-0955 has a CVSS score of 7.0 (HIGH). This CVE describes a race condition vulnerability in Android's FuseDaemon that could allow local privilege escalation. An attacker could exploit memory corruption to gain elevated privileges without user interaction. Only Android 11 devices are affected.

📋 TL;DR

This CVE describes a race condition vulnerability in Android's FuseDaemon that could allow local privilege escalation. An attacker could exploit memory corruption to gain elevated privileges without user interaction. Only Android 11 devices are affected.

💻 Affected Systems

Products:

Android

Versions: Android 11 only

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects devices running Android 11. Devices that have received the December 2021 security patch are not vulnerable.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full device compromise with attacker gaining root/system privileges, allowing installation of persistent malware, data theft, and complete control of the device.

🟠

Likely Case

Local attacker gains elevated privileges to access sensitive data, install malicious apps, or modify system settings.

🟢

If Mitigated

With proper patching, the vulnerability is eliminated. On unpatched devices, standard Android sandboxing provides some protection but not complete mitigation.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to the device.

🏢 Internal Only: HIGH - Malicious apps or users with physical/network access to the device could exploit this to gain elevated privileges.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and knowledge of race condition timing. No public exploit code has been documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level December 2021 or later

Vendor Advisory: https://source.android.com/security/bulletin/2021-12-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update. 2. Install the December 2021 Android security patch or later. 3. Reboot the device after installation.

🔧 Temporary Workarounds

No effective workarounds

all

This is a kernel-level race condition that cannot be mitigated without patching.

🧯 If You Can't Patch

Restrict physical access to devices
Implement strict app installation policies and only install apps from trusted sources

🔍 How to Verify

Check if Vulnerable:

Check Android version and security patch level in Settings > About phone > Android version and Security patch level.

Check Version:

adb shell getprop ro.build.version.release && adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Security patch level shows 'December 1, 2021' or later in Settings > About phone.

📡 Detection & Monitoring

Log Indicators:

Kernel crash logs, unexpected privilege escalation attempts in system logs

Network Indicators:

None - this is a local exploit

SIEM Query:

Search for kernel panic events or unexpected process privilege changes on Android devices

📊 Metadata

CVE ID: CVE-2021-0955

CVSS v3 Score: 7.0 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-362

Published: December 15, 2021

Last Updated: November 21, 2024

🔗 References

https://source.android.com/security/bulletin/2021-12-01 Vendor Advisory
https://source.android.com/security/bulletin/2021-12-01 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-0955, you might also want to check these: