ASB-A-153450752

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-153450752.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-153450752

Aliases

A-153450752
CVE-2020-0407

Published

2020-09-01T00:00:00Z

Modified

2026-06-12T15:08:17.296522730Z

Summary

[none]

Details

In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weakened disk encryption. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2020-09-01

Affected packages

Android / :unknown:

Package

Name: :unknown:

Affected ranges

Type: ECOSYSTEM
Events: Introduced

:0

Fixed

:2020-09-05

Affected versions

Other

Kernel

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "spl": "2020-09-05",
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-153450752.json"