In exif_entry_get_value of exif-entry.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution, with no additional execution privileges needed, if a third-party app used this library to process remote image data. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 17208.0, "function_hash": "263220040067256262802011496473458430110" }, "id": "ASB-A-159625731-29557f15", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c", "function": "exif_entry_get_value" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "284322438145339945043720915456140922165", "93281639976837326739273976352982873884", "18325982235928269788913677721160134997", "288125191916546280087425276079803197919", "61811470730497895629839865950923936795", "85008742746889107741124549964262222027", "320703541205510993089784264294519513012", "174698835426192614860996725383857514855" ] }, "id": "ASB-A-159625731-58e1fa82", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7" ], "spl": "2020-11-01", "severity": "High", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "284322438145339945043720915456140922165", "93281639976837326739273976352982873884", "18325982235928269788913677721160134997", "288125191916546280087425276079803197919", "61811470730497895629839865950923936795", "85008742746889107741124549964262222027", "320703541205510993089784264294519513012", "174698835426192614860996725383857514855" ] }, "id": "ASB-A-159625731-8a485f31", "source": "https://android.googlesource.com/platform/external/libexif/+/79b5fcdc0a58dd62094f09697fcc8033148c80df", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c" }, "signature_type": "Line" }, { "digest": { "length": 17208.0, "function_hash": "263220040067256262802011496473458430110" }, "id": "ASB-A-159625731-ecc8f716", "source": "https://android.googlesource.com/platform/external/libexif/+/79b5fcdc0a58dd62094f09697fcc8033148c80df", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c", "function": "exif_entry_get_value" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/libexif/+/79b5fcdc0a58dd62094f09697fcc8033148c80df" ], "spl": "2020-11-01", "severity": "High", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "length": 17208.0, "function_hash": "263220040067256262802011496473458430110" }, "id": "ASB-A-159625731-0f86e893", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c", "function": "exif_entry_get_value" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "284322438145339945043720915456140922165", "93281639976837326739273976352982873884", "18325982235928269788913677721160134997", "288125191916546280087425276079803197919", "61811470730497895629839865950923936795", "85008742746889107741124549964262222027", "320703541205510993089784264294519513012", "174698835426192614860996725383857514855" ] }, "id": "ASB-A-159625731-610e5dce", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7" ], "spl": "2020-11-01", "severity": "High", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "length": 17208.0, "function_hash": "263220040067256262802011496473458430110" }, "id": "ASB-A-159625731-83fc9f95", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c", "function": "exif_entry_get_value" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "284322438145339945043720915456140922165", "93281639976837326739273976352982873884", "18325982235928269788913677721160134997", "288125191916546280087425276079803197919", "61811470730497895629839865950923936795", "85008742746889107741124549964262222027", "320703541205510993089784264294519513012", "174698835426192614860996725383857514855" ] }, "id": "ASB-A-159625731-ca9f79df", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7" ], "spl": "2020-11-01", "severity": "High", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "length": 17208.0, "function_hash": "263220040067256262802011496473458430110" }, "id": "ASB-A-159625731-9c1db66a", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c", "function": "exif_entry_get_value" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "284322438145339945043720915456140922165", "93281639976837326739273976352982873884", "18325982235928269788913677721160134997", "288125191916546280087425276079803197919", "61811470730497895629839865950923936795", "85008742746889107741124549964262222027", "320703541205510993089784264294519513012", "174698835426192614860996725383857514855" ] }, "id": "ASB-A-159625731-c0534477", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7" ], "spl": "2020-11-01", "severity": "High", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "length": 17208.0, "function_hash": "263220040067256262802011496473458430110" }, "id": "ASB-A-159625731-36a8ca9e", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c", "function": "exif_entry_get_value" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "284322438145339945043720915456140922165", "93281639976837326739273976352982873884", "18325982235928269788913677721160134997", "288125191916546280087425276079803197919", "61811470730497895629839865950923936795", "85008742746889107741124549964262222027", "320703541205510993089784264294519513012", "174698835426192614860996725383857514855" ] }, "id": "ASB-A-159625731-ec8d54ab", "source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7", "deprecated": false, "signature_version": "v1", "target": { "file": "libexif/exif-entry.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7" ], "spl": "2020-11-01", "severity": "High", "types": [ "RCE" ] }