
image credit: pexels
The vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates released in January 2021.
The vulnerability is a high-severity improper input validation issue affecting a display/graphics component from Qualcomm. The flaw was reported to Qualcomm through Google in July 2020 and it affects a long list of chipsets.
In Qualcomm’s advisory, CVE-2020-11261 is described as a “memory corruption due to improper check to return error when user application requests memory allocation of a huge size.”