ASB-A-161812320
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-161812320.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-161812320
- Aliases
-
- A-161812320
- CVE-2020-0438
- Published
- 2020-11-01T00:00:00Z
- Modified
- 2026-04-21T15:25:42.831358Z
- Summary
- [none]
- Details
-
In the AIBinderClass constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinderndk in a vulnerable way with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/native
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166853182971095957477295542990318855226",
"2714496182692667837940115498659040009",
"127929062338231145922199514350132922165"
]
},
"id": "ASB-A-161812320-03e75a9b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"file": "libs/binder/ndk/tests/libbinder_ndk_unit_test.cpp"
}
},
{
"digest": {
"length": 1507.0,
"function_hash": "6692660950372729705060540801180559721"
},
"id": "ASB-A-161812320-17a8061e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"function": "ABBinder::onTransact",
"file": "libs/binder/ndk/ibinder.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"13922026013675028407001722743555010547",
"237617003093890210114359234712291170391",
"219405424050546884940338494511715324280",
"119566248312543600779338226999319230832",
"182581632736243370490049382777622835574",
"236572504900660911225729334021913050525",
"301431736978975864467937568986792238562",
"218907331790811812538155140498544355941"
]
},
"id": "ASB-A-161812320-1c31474a",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"file": "libs/binder/ndk/ibinder_internal.h"
}
},
{
"digest": {
"length": 432.0,
"function_hash": "24222033419103900466493647316503210414"
},
"id": "ASB-A-161812320-1caada43",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"function": "IFoo::addService",
"file": "libs/binder/ndk/tests/iface.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"337953460655781670954193138801848487872",
"129737973091506341549555497449437046760",
"166341565519246474420017384019488169919",
"43085590477963808790312978891684483105"
]
},
"id": "ASB-A-161812320-4870102c",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"file": "libs/binder/ndk/ibinder.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166846193524674178006558397101840566531",
"190330214196064866872130790560553921089",
"126345581594453208055667319110442750718"
]
},
"id": "ASB-A-161812320-732099de",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"file": "libs/binder/ndk/tests/include/iface/iface.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"315785499823683027533714458595445267303",
"186193274819663599976554617998107598682",
"75193321492464836734796987614755455116",
"160750622868819087105985984949384490650",
"116552410365698554304017692825057346924",
"142696787752292026367259100555575150769",
"58627899538112562548751526190996095836",
"83498136934319160209930637927120875644",
"59564831642801405582725424701065084564"
]
},
"id": "ASB-A-161812320-fd963a39",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05",
"target": {
"file": "libs/binder/ndk/tests/iface.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/882340762039c330283736187020f41334b60f05"
],
"types": [
"EoP"
],
"spl": "2020-11-01",
"severity": "High"
}
Android / platform/frameworks/native
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"13922026013675028407001722743555010547",
"237617003093890210114359234712291170391",
"219405424050546884940338494511715324280",
"119566248312543600779338226999319230832",
"187701804535008349201468938291727747670",
"105129803371113960669159704341731600041",
"220404689486226927036787968493060335824"
]
},
"id": "ASB-A-161812320-3cb98a16",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/8d49c3fbae160936ac44a1213e53e6cf617ee867",
"target": {
"file": "libs/binder/ndk/ibinder_internal.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166846193524674178006558397101840566531",
"190330214196064866872130790560553921089",
"126345581594453208055667319110442750718"
]
},
"id": "ASB-A-161812320-6dcb8bac",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/8d49c3fbae160936ac44a1213e53e6cf617ee867",
"target": {
"file": "libs/binder/ndk/test/include/iface/iface.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"315785499823683027533714458595445267303",
"186193274819663599976554617998107598682",
"75193321492464836734796987614755455116",
"160750622868819087105985984949384490650",
"116552410365698554304017692825057346924",
"142696787752292026367259100555575150769",
"58627899538112562548751526190996095836",
"83498136934319160209930637927120875644",
"59564831642801405582725424701065084564"
]
},
"id": "ASB-A-161812320-aacb7cfb",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/8d49c3fbae160936ac44a1213e53e6cf617ee867",
"target": {
"file": "libs/binder/ndk/test/iface.cpp"
}
},
{
"digest": {
"length": 432.0,
"function_hash": "24222033419103900466493647316503210414"
},
"id": "ASB-A-161812320-bbe0b51f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/8d49c3fbae160936ac44a1213e53e6cf617ee867",
"target": {
"function": "IFoo::addService",
"file": "libs/binder/ndk/test/iface.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166853182971095957477295542990318855226",
"2714496182692667837940115498659040009",
"127929062338231145922199514350132922165"
]
},
"id": "ASB-A-161812320-f8281d3d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/8d49c3fbae160936ac44a1213e53e6cf617ee867",
"target": {
"file": "libs/binder/ndk/test/main_client.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/8d49c3fbae160936ac44a1213e53e6cf617ee867"
],
"types": [
"EoP"
],
"spl": "2020-11-01",
"severity": "High"
}
Android / platform/frameworks/native
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 432.0,
"function_hash": "24222033419103900466493647316503210414"
},
"id": "ASB-A-161812320-2ade344f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"function": "IFoo::addService",
"file": "libs/binder/ndk/test/iface.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166846193524674178006558397101840566531",
"190330214196064866872130790560553921089",
"126345581594453208055667319110442750718"
]
},
"id": "ASB-A-161812320-35296a65",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"file": "libs/binder/ndk/test/include/iface/iface.h"
}
},
{
"digest": {
"length": 1507.0,
"function_hash": "6692660950372729705060540801180559721"
},
"id": "ASB-A-161812320-67d3a80b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"function": "ABBinder::onTransact",
"file": "libs/binder/ndk/ibinder.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"13922026013675028407001722743555010547",
"237617003093890210114359234712291170391",
"219405424050546884940338494511715324280",
"119566248312543600779338226999319230832",
"182581632736243370490049382777622835574",
"236572504900660911225729334021913050525",
"301431736978975864467937568986792238562",
"218907331790811812538155140498544355941"
]
},
"id": "ASB-A-161812320-ad2df558",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"file": "libs/binder/ndk/ibinder_internal.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"337953460655781670954193138801848487872",
"129737973091506341549555497449437046760",
"166341565519246474420017384019488169919",
"43085590477963808790312978891684483105"
]
},
"id": "ASB-A-161812320-b9e2be20",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"file": "libs/binder/ndk/ibinder.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"166853182971095957477295542990318855226",
"2714496182692667837940115498659040009",
"127929062338231145922199514350132922165"
]
},
"id": "ASB-A-161812320-ee0f9107",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"file": "libs/binder/ndk/test/libbinder_ndk_unit_test.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"315785499823683027533714458595445267303",
"186193274819663599976554617998107598682",
"75193321492464836734796987614755455116",
"160750622868819087105985984949384490650",
"116552410365698554304017692825057346924",
"142696787752292026367259100555575150769",
"58627899538112562548751526190996095836",
"83498136934319160209930637927120875644",
"59564831642801405582725424701065084564"
]
},
"id": "ASB-A-161812320-ff6d4ddd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e",
"target": {
"file": "libs/binder/ndk/test/iface.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/deb5346761308d9cda3a249283a482a1ce08549e"
],
"types": [
"EoP"
],
"spl": "2020-11-01",
"severity": "High"
}