QwikSec

Security Database

CVE

CWE

Training

CVE-2021-38788

Published: Jan 19, 2022

Modified: Aug 4, 2024

PUBLISHED

Description

The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications. Malicious apps can use the interface provided by the service to set the number of applications allowed to run in the background to 0 and add themselves to the whitelist, so that once other applications enter the background, they will be forcibly stopped by the system, causing a denial of service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.allwinnertech.com/index.php?c=product&a=index&id=92

x_refsource_MISC

https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/Allwinner%20R818%20SoC%EF%BC%9Abackground%20service%20has%20EoP%20Vulnerability.md

x_refsource_MISC

https://www.cnvd.org.cn/flaw/show/CNVD-2021-46928

x_refsource_MISC

https://vul.wangan.com/a/CNVD-2021-46928

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.