ASB-A-159625731
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-159625731.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-159625731
- Aliases
-
- A-159625731
- CVE-2020-0452
- Published
- 2020-11-01T00:00:00Z
- Modified
- 2025-11-21T16:23:56.435667Z
- Summary
- [none]
- Details
-
In exifentryget_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/external/libexif
Package
- Name
- platform/external/libexif
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7"
],
"types": [
"RCE"
],
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 17208.0,
"function_hash": "263220040067256262802011496473458430110"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c",
"function": "exif_entry_get_value"
},
"id": "ASB-A-159625731-29557f15"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"284322438145339945043720915456140922165",
"93281639976837326739273976352982873884",
"18325982235928269788913677721160134997",
"288125191916546280087425276079803197919",
"61811470730497895629839865950923936795",
"85008742746889107741124549964262222027",
"320703541205510993089784264294519513012",
"174698835426192614860996725383857514855"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c"
},
"id": "ASB-A-159625731-58e1fa82"
}
],
"spl": "2020-11-01",
"severity": "High"
}platform/external/libexif
Package
- Name
- platform/external/libexif
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/external/libexif/+/79b5fcdc0a58dd62094f09697fcc8033148c80df"
],
"types": [
"RCE"
],
"vanir_signatures": [
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"284322438145339945043720915456140922165",
"93281639976837326739273976352982873884",
"18325982235928269788913677721160134997",
"288125191916546280087425276079803197919",
"61811470730497895629839865950923936795",
"85008742746889107741124549964262222027",
"320703541205510993089784264294519513012",
"174698835426192614860996725383857514855"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/79b5fcdc0a58dd62094f09697fcc8033148c80df",
"target": {
"file": "libexif/exif-entry.c"
},
"id": "ASB-A-159625731-8a485f31"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 17208.0,
"function_hash": "263220040067256262802011496473458430110"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/79b5fcdc0a58dd62094f09697fcc8033148c80df",
"target": {
"file": "libexif/exif-entry.c",
"function": "exif_entry_get_value"
},
"id": "ASB-A-159625731-ecc8f716"
}
],
"spl": "2020-11-01",
"severity": "High"
}platform/external/libexif
Package
- Name
- platform/external/libexif
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7"
],
"types": [
"RCE"
],
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 17208.0,
"function_hash": "263220040067256262802011496473458430110"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c",
"function": "exif_entry_get_value"
},
"id": "ASB-A-159625731-0f86e893"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"284322438145339945043720915456140922165",
"93281639976837326739273976352982873884",
"18325982235928269788913677721160134997",
"288125191916546280087425276079803197919",
"61811470730497895629839865950923936795",
"85008742746889107741124549964262222027",
"320703541205510993089784264294519513012",
"174698835426192614860996725383857514855"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c"
},
"id": "ASB-A-159625731-610e5dce"
}
],
"spl": "2020-11-01",
"severity": "High"
}platform/external/libexif
Package
- Name
- platform/external/libexif
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7"
],
"types": [
"RCE"
],
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 17208.0,
"function_hash": "263220040067256262802011496473458430110"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c",
"function": "exif_entry_get_value"
},
"id": "ASB-A-159625731-83fc9f95"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"284322438145339945043720915456140922165",
"93281639976837326739273976352982873884",
"18325982235928269788913677721160134997",
"288125191916546280087425276079803197919",
"61811470730497895629839865950923936795",
"85008742746889107741124549964262222027",
"320703541205510993089784264294519513012",
"174698835426192614860996725383857514855"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c"
},
"id": "ASB-A-159625731-ca9f79df"
}
],
"spl": "2020-11-01",
"severity": "High"
}platform/external/libexif
Package
- Name
- platform/external/libexif
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7"
],
"types": [
"RCE"
],
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 17208.0,
"function_hash": "263220040067256262802011496473458430110"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c",
"function": "exif_entry_get_value"
},
"id": "ASB-A-159625731-9c1db66a"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"284322438145339945043720915456140922165",
"93281639976837326739273976352982873884",
"18325982235928269788913677721160134997",
"288125191916546280087425276079803197919",
"61811470730497895629839865950923936795",
"85008742746889107741124549964262222027",
"320703541205510993089784264294519513012",
"174698835426192614860996725383857514855"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c"
},
"id": "ASB-A-159625731-c0534477"
}
],
"spl": "2020-11-01",
"severity": "High"
}platform/external/libexif
Package
- Name
- platform/external/libexif
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7"
],
"types": [
"RCE"
],
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 17208.0,
"function_hash": "263220040067256262802011496473458430110"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c",
"function": "exif_entry_get_value"
},
"id": "ASB-A-159625731-36a8ca9e"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"284322438145339945043720915456140922165",
"93281639976837326739273976352982873884",
"18325982235928269788913677721160134997",
"288125191916546280087425276079803197919",
"61811470730497895629839865950923936795",
"85008742746889107741124549964262222027",
"320703541205510993089784264294519513012",
"174698835426192614860996725383857514855"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/external/libexif/+/4c18b0fabf48fe4460b679805b0442d76a78bde7",
"target": {
"file": "libexif/exif-entry.c"
},
"id": "ASB-A-159625731-ec8d54ab"
}
],
"spl": "2020-11-01",
"severity": "High"
}