ASB-A-134155286
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-134155286.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-134155286
- Aliases
-
- A-134155286
- CVE-2021-0340
- Published
- 2021-02-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/packages/providers/MediaProvider
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 259.0,
"function_hash": "292035518786695679611601214141772954645"
},
"id": "ASB-A-134155286-0543be66",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"function": "getBoxRanges",
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
},
{
"digest": {
"length": 322.0,
"function_hash": "279875244508214158471090146322426083267"
},
"id": "ASB-A-134155286-6b3a7250",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"function": "getBoxRanges",
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"268228758324390843414162383629943262667",
"106338333825327345674694979215745296474",
"20617389075434722900938900761281305537",
"307848035738450406711454791370038662582",
"175365076456104223585458988653860681284",
"106849254300876817969330532508216580060",
"201546203449102052165792626115078039333",
"167652294591899820989795277070630001617",
"39529703296118730778687213854969934619",
"176259973595900665236849395181218608677",
"277041973508598932975667832005386779268",
"48595783937967688938337794653923676855",
"78631325385833800313975208451133506107",
"35660118512784878135574227569014596835",
"6174244611368907474923183998748343973",
"317168480241663186866395844170933289051",
"331892373634461526138033623284446318558",
"228040401130877982012432210847814486485",
"41984686234759110752386392470932845580",
"317577682397241759969128330488387233015",
"91663297808789087512723682423054076623",
"179914996054761131219628305468329028875",
"340071206681421262920555336381456713881",
"61132471900648225448498102710330067631",
"142634712158492898982632769578073260442",
"109679768470731038603863163077077217636",
"280402400331865991295527157519095904636",
"56688264451942779458275246892433730335",
"149853932559917961143732516947134051502",
"42088633993235300641377534467577896743",
"182242129488127606159270642858688186339",
"121388775180067699925999175033912648291",
"238729589240195187320018869417974569586",
"124583692822165832255441251201059865490",
"292862642233992591664682773388325806668",
"229234917573231479241246948638286275894",
"63843711104405186234463960877396894794",
"230814030703340725493856260296889839429",
"90390447539797438512567815924724813641",
"55943645370655447664463134085379305613",
"142170747817581839761482439530223542203",
"45890547343712454070374101585998039162",
"91677465009324693598163393623193498379",
"44725737040032930672509640592668051356",
"33149591675479828298259234679611297004"
]
},
"id": "ASB-A-134155286-6e20908c",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
},
{
"digest": {
"length": 1409.0,
"function_hash": "311809117040377395518855713665076758187"
},
"id": "ASB-A-134155286-fc7098be",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"function": "parseNextBox",
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062"
],
"types": [
"EoP"
],
"spl": "2021-02-01",
"severity": "High"
}
Android / platform/packages/providers/MediaProvider
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"268228758324390843414162383629943262667",
"106338333825327345674694979215745296474",
"20617389075434722900938900761281305537",
"307848035738450406711454791370038662582",
"175365076456104223585458988653860681284",
"106849254300876817969330532508216580060",
"201546203449102052165792626115078039333",
"167652294591899820989795277070630001617",
"39529703296118730778687213854969934619",
"176259973595900665236849395181218608677",
"277041973508598932975667832005386779268",
"48595783937967688938337794653923676855",
"78631325385833800313975208451133506107",
"35660118512784878135574227569014596835",
"6174244611368907474923183998748343973",
"317168480241663186866395844170933289051",
"331892373634461526138033623284446318558",
"228040401130877982012432210847814486485",
"41984686234759110752386392470932845580",
"317577682397241759969128330488387233015",
"91663297808789087512723682423054076623",
"179914996054761131219628305468329028875",
"340071206681421262920555336381456713881",
"61132471900648225448498102710330067631",
"142634712158492898982632769578073260442",
"109679768470731038603863163077077217636",
"280402400331865991295527157519095904636",
"56688264451942779458275246892433730335",
"149853932559917961143732516947134051502",
"42088633993235300641377534467577896743",
"182242129488127606159270642858688186339",
"121388775180067699925999175033912648291",
"238729589240195187320018869417974569586",
"124583692822165832255441251201059865490",
"292862642233992591664682773388325806668",
"229234917573231479241246948638286275894",
"63843711104405186234463960877396894794",
"230814030703340725493856260296889839429",
"90390447539797438512567815924724813641",
"55943645370655447664463134085379305613",
"142170747817581839761482439530223542203",
"45890547343712454070374101585998039162",
"91677465009324693598163393623193498379",
"44725737040032930672509640592668051356",
"33149591675479828298259234679611297004"
]
},
"id": "ASB-A-134155286-013d5d77",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
},
{
"digest": {
"length": 259.0,
"function_hash": "292035518786695679611601214141772954645"
},
"id": "ASB-A-134155286-2fdbcc70",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"function": "getBoxRanges",
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
},
{
"digest": {
"length": 1409.0,
"function_hash": "311809117040377395518855713665076758187"
},
"id": "ASB-A-134155286-6deda4dc",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"function": "parseNextBox",
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
},
{
"digest": {
"length": 322.0,
"function_hash": "279875244508214158471090146322426083267"
},
"id": "ASB-A-134155286-946f0e1d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062",
"target": {
"function": "getBoxRanges",
"file": "src/com/android/providers/media/util/IsoInterface.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f44d9bc12acec4e7ad42b441817a99bd2223d062"
],
"types": [
"EoP"
],
"spl": "2021-02-01",
"severity": "High"
}