ASB-A-170732441

Import Source
https://storage.googleapis.com/android-osv/ASB-A-170732441.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-170732441
Aliases
Published
2021-02-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

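In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation. The fix is platform/system/core commit 79fc288f10814d5862a2320d0e0732040a4823fe, included in the 2021-02-01 security patch level for Android 8.0, 8.1, 9, 10 and 11.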

References

Affected packages

Android / platform/system/core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.0:0
Fixed
8.0:2021-02-01

Affected versions

8.*
8.0

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 170.0,
                "function_hash": "300167361355021078898744606461626013266"
            },
            "id": "ASB-A-170732441-3e541011",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::remove_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "148884704183119789745431446125644303789",
                    "151394682469363530294625898605493376541",
                    "86712825630336742764462619661373391625",
                    "232999621503221904690658452854100077325",
                    "280944976211515416952632778798809412816",
                    "319553659973294052510510398102967269421",
                    "279763494788592645457356422232975329263",
                    "118097696570985643310754771158743482698",
                    "223571053578481352040738937081701268036",
                    "230572787833601786447707060666103537776",
                    "294362824485928731244488060198716116015",
                    "237469369776047100256795032972842369864"
                ]
            },
            "id": "ASB-A-170732441-44e4e2c0",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 140.0,
                "function_hash": "167519093048703228946247534411643595271"
            },
            "id": "ASB-A-170732441-66204d59",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::add_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "333093573110175335429488746125791417920",
                    "24018071451441426132691213514785838416",
                    "86157176319259806533313412164058622231",
                    "209717233212138300468968030045070510455"
                ]
            },
            "id": "ASB-A-170732441-dd16adc0",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/include/storaged.h"
            }
        },
        {
            "digest": {
                "length": 167.0,
                "function_hash": "231865747446807252932323662572475155023"
            },
            "id": "ASB-A-170732441-e1a66dcc",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::flush_protos",
                "file": "storaged/storaged.cpp"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2021-02-01",
    "severity": "High"
}

Database specific

source
"https://storage.googleapis.com/android-osv/ASB-A-170732441.json"

Android / platform/system/core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2021-02-01

Affected versions

8.*
8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "148884704183119789745431446125644303789",
                    "151394682469363530294625898605493376541",
                    "86712825630336742764462619661373391625",
                    "232999621503221904690658452854100077325",
                    "280944976211515416952632778798809412816",
                    "319553659973294052510510398102967269421",
                    "279763494788592645457356422232975329263",
                    "118097696570985643310754771158743482698",
                    "223571053578481352040738937081701268036",
                    "230572787833601786447707060666103537776",
                    "294362824485928731244488060198716116015",
                    "237469369776047100256795032972842369864"
                ]
            },
            "id": "ASB-A-170732441-0796c768",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 170.0,
                "function_hash": "300167361355021078898744606461626013266"
            },
            "id": "ASB-A-170732441-7be477fa",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::remove_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 140.0,
                "function_hash": "167519093048703228946247534411643595271"
            },
            "id": "ASB-A-170732441-9850fc47",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::add_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "333093573110175335429488746125791417920",
                    "24018071451441426132691213514785838416",
                    "86157176319259806533313412164058622231",
                    "209717233212138300468968030045070510455"
                ]
            },
            "id": "ASB-A-170732441-c1598fd3",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/include/storaged.h"
            }
        },
        {
            "digest": {
                "length": 167.0,
                "function_hash": "231865747446807252932323662572475155023"
            },
            "id": "ASB-A-170732441-cfa6677c",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::flush_protos",
                "file": "storaged/storaged.cpp"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2021-02-01",
    "severity": "High"
}

Database specific

source
"https://storage.googleapis.com/android-osv/ASB-A-170732441.json"

Android / platform/system/core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2021-02-01

Affected versions

Other
9

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 167.0,
                "function_hash": "231865747446807252932323662572475155023"
            },
            "id": "ASB-A-170732441-1158d785",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::flush_protos",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 170.0,
                "function_hash": "300167361355021078898744606461626013266"
            },
            "id": "ASB-A-170732441-6c4bcf07",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::remove_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "333093573110175335429488746125791417920",
                    "24018071451441426132691213514785838416",
                    "86157176319259806533313412164058622231",
                    "209717233212138300468968030045070510455"
                ]
            },
            "id": "ASB-A-170732441-ca352177",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/include/storaged.h"
            }
        },
        {
            "digest": {
                "length": 140.0,
                "function_hash": "167519093048703228946247534411643595271"
            },
            "id": "ASB-A-170732441-e54179dd",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::add_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "148884704183119789745431446125644303789",
                    "151394682469363530294625898605493376541",
                    "86712825630336742764462619661373391625",
                    "232999621503221904690658452854100077325",
                    "280944976211515416952632778798809412816",
                    "319553659973294052510510398102967269421",
                    "279763494788592645457356422232975329263",
                    "118097696570985643310754771158743482698",
                    "223571053578481352040738937081701268036",
                    "230572787833601786447707060666103537776",
                    "294362824485928731244488060198716116015",
                    "237469369776047100256795032972842369864"
                ]
            },
            "id": "ASB-A-170732441-f2c7691c",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/storaged.cpp"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2021-02-01",
    "severity": "High"
}

Database specific

source
"https://storage.googleapis.com/android-osv/ASB-A-170732441.json"

Android / platform/system/core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2021-02-01

Affected versions

Other
10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 167.0,
                "function_hash": "231865747446807252932323662572475155023"
            },
            "id": "ASB-A-170732441-1ed244ac",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::flush_protos",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "333093573110175335429488746125791417920",
                    "24018071451441426132691213514785838416",
                    "86157176319259806533313412164058622231",
                    "209717233212138300468968030045070510455"
                ]
            },
            "id": "ASB-A-170732441-3dbf4449",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/include/storaged.h"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "148884704183119789745431446125644303789",
                    "151394682469363530294625898605493376541",
                    "86712825630336742764462619661373391625",
                    "232999621503221904690658452854100077325",
                    "280944976211515416952632778798809412816",
                    "319553659973294052510510398102967269421",
                    "279763494788592645457356422232975329263",
                    "118097696570985643310754771158743482698",
                    "223571053578481352040738937081701268036",
                    "230572787833601786447707060666103537776",
                    "294362824485928731244488060198716116015",
                    "237469369776047100256795032972842369864"
                ]
            },
            "id": "ASB-A-170732441-8337ed07",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 140.0,
                "function_hash": "167519093048703228946247534411643595271"
            },
            "id": "ASB-A-170732441-b158af31",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::add_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 170.0,
                "function_hash": "300167361355021078898744606461626013266"
            },
            "id": "ASB-A-170732441-c74cf62a",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::remove_user_ce",
                "file": "storaged/storaged.cpp"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2021-02-01",
    "severity": "High"
}

Database specific

source
"https://storage.googleapis.com/android-osv/ASB-A-170732441.json"

Android / platform/system/core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-02-01

Affected versions

Other
11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "148884704183119789745431446125644303789",
                    "151394682469363530294625898605493376541",
                    "86712825630336742764462619661373391625",
                    "232999621503221904690658452854100077325",
                    "280944976211515416952632778798809412816",
                    "319553659973294052510510398102967269421",
                    "279763494788592645457356422232975329263",
                    "118097696570985643310754771158743482698",
                    "223571053578481352040738937081701268036",
                    "230572787833601786447707060666103537776",
                    "294362824485928731244488060198716116015",
                    "237469369776047100256795032972842369864"
                ]
            },
            "id": "ASB-A-170732441-35c8589a",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "333093573110175335429488746125791417920",
                    "24018071451441426132691213514785838416",
                    "86157176319259806533313412164058622231",
                    "209717233212138300468968030045070510455"
                ]
            },
            "id": "ASB-A-170732441-468a8c06",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "file": "storaged/include/storaged.h"
            }
        },
        {
            "digest": {
                "length": 170.0,
                "function_hash": "300167361355021078898744606461626013266"
            },
            "id": "ASB-A-170732441-5ed38433",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::remove_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 140.0,
                "function_hash": "167519093048703228946247534411643595271"
            },
            "id": "ASB-A-170732441-90d6f80b",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::add_user_ce",
                "file": "storaged/storaged.cpp"
            }
        },
        {
            "digest": {
                "length": 167.0,
                "function_hash": "231865747446807252932323662572475155023"
            },
            "id": "ASB-A-170732441-a522127d",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe",
            "target": {
                "function": "storaged_t::flush_protos",
                "file": "storaged/storaged.cpp"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/79fc288f10814d5862a2320d0e0732040a4823fe"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2021-02-01",
    "severity": "High"
}

Database specific

source
"https://storage.googleapis.com/android-osv/ASB-A-170732441.json"