ASB-A-154123412
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-154123412.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-154123412
- Aliases
-
- A-154123412
- CVE-2020-0393
- Published
- 2020-09-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In decrypt and decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 3907.0,
"function_hash": "109728586328180698170269393387687181735"
},
"id": "ASB-A-154123412-1a1cf797",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/fa3781fe0fb654659634d7b4703b6ed2ae27fdeb",
"target": {
"function": "CryptoPlugin::decrypt",
"file": "drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"264298949911011163485260866338663751604",
"162165386943074129890344111967353428831",
"321260939341565047502592092721249373289",
"95445627273052733647087968715126190674",
"185791323327423499094014338655029723057",
"235133831628138080813938267947226584165",
"98836766467885414717290561606848925229",
"6265937817132069051019203254786094955",
"234782443398414568774242020528581918728",
"129151522059000377054321590792143162104",
"28894278019313358731709792725770130376",
"14205559308580557353241853500839846131",
"307579484265804590906040002819876214750",
"328768580717269914582029291830375497512",
"38760217479676425291424770690410284359",
"153911281418542469346953742495630764503"
]
},
"id": "ASB-A-154123412-e112c623",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/av/+/fa3781fe0fb654659634d7b4703b6ed2ae27fdeb",
"target": {
"file": "drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/fa3781fe0fb654659634d7b4703b6ed2ae27fdeb"
],
"types": [
"ID"
],
"spl": "2020-09-01",
"severity": "High"
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"264298949911011163485260866338663751604",
"162165386943074129890344111967353428831",
"321260939341565047502592092721249373289",
"95445627273052733647087968715126190674",
"185791323327423499094014338655029723057",
"235133831628138080813938267947226584165",
"98836766467885414717290561606848925229",
"6265937817132069051019203254786094955",
"234782443398414568774242020528581918728",
"129151522059000377054321590792143162104",
"28894278019313358731709792725770130376",
"14205559308580557353241853500839846131",
"307579484265804590906040002819876214750",
"328768580717269914582029291830375497512",
"38760217479676425291424770690410284359",
"153911281418542469346953742495630764503"
]
},
"id": "ASB-A-154123412-7cb544f6",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/av/+/fa3781fe0fb654659634d7b4703b6ed2ae27fdeb",
"target": {
"file": "drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"
}
},
{
"digest": {
"length": 3907.0,
"function_hash": "109728586328180698170269393387687181735"
},
"id": "ASB-A-154123412-ce2334a6",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/fa3781fe0fb654659634d7b4703b6ed2ae27fdeb",
"target": {
"function": "CryptoPlugin::decrypt",
"file": "drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/fa3781fe0fb654659634d7b4703b6ed2ae27fdeb"
],
"types": [
"ID"
],
"spl": "2020-09-01",
"severity": "High"
}