ASB-A-174150451

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-174150451.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-174150451
Aliases
Published
2021-04-01T00:00:00Z
Modified
2026-04-28T15:17:37.552933Z
Summary
[none]
Details

In avrcprocvendorcommand of avrcapi.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/system/bt

Package

Name
platform/system/bt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2021-04-01

Affected versions

8.*
8.1

Ecosystem specific 

{
    "spl": "2021-04-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9"
    ],
    "types": [
        "ID"
    ],
    "vanir_signatures": [
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "234731378143251965468061532815581472551",
                    "167774733209960506572467443926203491903",
                    "47802622381427373253647455478457623346",
                    "48330210889850056886396232568450657951"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9",
            "target": {
                "file": "stack/avrc/avrc_bld_tg.cc"
            },
            "id": "ASB-A-174150451-74215a8a"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "25826080849010929453199241606739219817",
                    "102699952416098053887376505143307429909",
                    "143806720553538244026322564558936295054",
                    "164986021732157641338903864090109453599",
                    "301897657201426727004466536346062316563",
                    "235051942682550393409806500189940635228",
                    "335461943414066905902007995014316866781",
                    "17672392233449697628085473547180750898",
                    "283758634364552150370415211695472900701",
                    "328828160620845234744149755929506441462",
                    "2473565245579495761465996430830724257",
                    "237534467320708155262103903879152969563",
                    "92281194400390846616166060402022375024",
                    "273786359158106482533735481861079682424",
                    "2473565245579495761465996430830724257"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9",
            "target": {
                "file": "stack/avrc/avrc_opt.cc"
            },
            "id": "ASB-A-174150451-7a9d3afa"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "212232968038250104482858979702624275750",
                    "287953352903989519456069944207679403882",
                    "14845834421420998534332396403871764925",
                    "86765202564817590807824327682356097034",
                    "8506577065875201243658029685407892248",
                    "153830244189308337431089565302096752200",
                    "73574399449172278035838437690423107102",
                    "63857392560911243568061870531660418492",
                    "96243532706110030824140961784393634458",
                    "229509219505541565945915529457539584181",
                    "319773369222130466408546408420315488895",
                    "147819627739377103061854328410232522877"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9",
            "target": {
                "file": "stack/avrc/avrc_pars_ct.cc"
            },
            "id": "ASB-A-174150451-9c01d0da"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "192017400156636417478041847225283769262",
                    "204933172455221844431769346722526320436",
                    "128025510019479700929535966870254602330",
                    "106559417459498412872629760774672706722"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9",
            "target": {
                "file": "stack/avrc/avrc_bld_ct.cc"
            },
            "id": "ASB-A-174150451-9e02d8c6"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "281586568184723237172444381729300620204",
                    "306697745755003438563806121171698237921",
                    "246586741718193978242302054708553414208",
                    "26712992996311895937855388050883467232",
                    "54956135029244385601389859387513915205",
                    "271920638373074614745749988322912009199",
                    "38460664457821042895159081114458950003",
                    "115501079431548383753885003523860011552",
                    "260753540820306009469377490923685320691",
                    "200185611935206458241668081075162626223",
                    "212032984932251426289010321427003686672",
                    "85944363988905834904253026670568579462",
                    "108257629627401211972918736109316858296",
                    "216950027845380205798371590433193650133",
                    "259995555082482069524698370838857702055",
                    "205609846645742308176480653515058253116",
                    "114168609634170520250270269816526217257",
                    "204378047892081571998556994878344192203",
                    "289073611432386177713347243982592391836",
                    "43529288571653165473129009061182640404"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9",
            "target": {
                "file": "stack/avrc/avrc_api.cc"
            },
            "id": "ASB-A-174150451-ba34beb7"
        }
    ],
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"

Android / platform/system/bt

Package

Name
platform/system/bt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2021-04-01

Affected versions

Other
9

Ecosystem specific 

{
    "spl": "2021-04-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c"
    ],
    "types": [
        "ID"
    ],
    "vanir_signatures": [
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "234731378143251965468061532815581472551",
                    "167774733209960506572467443926203491903",
                    "47802622381427373253647455478457623346",
                    "48330210889850056886396232568450657951"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_bld_tg.cc"
            },
            "id": "ASB-A-174150451-0ccf6ce1"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "192017400156636417478041847225283769262",
                    "204933172455221844431769346722526320436",
                    "128025510019479700929535966870254602330",
                    "106559417459498412872629760774672706722"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_bld_ct.cc"
            },
            "id": "ASB-A-174150451-269a6c55"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "281586568184723237172444381729300620204",
                    "306697745755003438563806121171698237921",
                    "246586741718193978242302054708553414208",
                    "26712992996311895937855388050883467232",
                    "54956135029244385601389859387513915205",
                    "271920638373074614745749988322912009199",
                    "38460664457821042895159081114458950003",
                    "115501079431548383753885003523860011552",
                    "260753540820306009469377490923685320691",
                    "200185611935206458241668081075162626223",
                    "212032984932251426289010321427003686672",
                    "85944363988905834904253026670568579462",
                    "108257629627401211972918736109316858296",
                    "216950027845380205798371590433193650133",
                    "259995555082482069524698370838857702055",
                    "205609846645742308176480653515058253116",
                    "114168609634170520250270269816526217257",
                    "204378047892081571998556994878344192203",
                    "289073611432386177713347243982592391836",
                    "43529288571653165473129009061182640404"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_api.cc"
            },
            "id": "ASB-A-174150451-43571dba"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "195777170528215756133034883432980774837",
                    "82158292724028221019740140516383577821",
                    "29249664797217387640288612680381725591",
                    "51246449051180649641476430904217421430",
                    "17672392233449697628085473547180750898",
                    "283758634364552150370415211695472900701",
                    "328828160620845234744149755929506441462",
                    "2473565245579495761465996430830724257",
                    "237534467320708155262103903879152969563",
                    "92281194400390846616166060402022375024",
                    "273786359158106482533735481861079682424",
                    "2473565245579495761465996430830724257"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_opt.cc"
            },
            "id": "ASB-A-174150451-767f098f"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "212232968038250104482858979702624275750",
                    "287953352903989519456069944207679403882",
                    "14845834421420998534332396403871764925",
                    "86765202564817590807824327682356097034",
                    "8506577065875201243658029685407892248",
                    "153830244189308337431089565302096752200",
                    "73574399449172278035838437690423107102",
                    "63857392560911243568061870531660418492",
                    "96243532706110030824140961784393634458",
                    "229509219505541565945915529457539584181",
                    "319773369222130466408546408420315488895",
                    "147819627739377103061854328410232522877"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_pars_ct.cc"
            },
            "id": "ASB-A-174150451-efeddce6"
        }
    ],
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"

Android / platform/system/bt

Package

Name
platform/system/bt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2021-04-01

Affected versions

Other
10

Ecosystem specific 

{
    "spl": "2021-04-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c"
    ],
    "types": [
        "ID"
    ],
    "vanir_signatures": [
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "212232968038250104482858979702624275750",
                    "287953352903989519456069944207679403882",
                    "14845834421420998534332396403871764925",
                    "86765202564817590807824327682356097034",
                    "8506577065875201243658029685407892248",
                    "153830244189308337431089565302096752200",
                    "73574399449172278035838437690423107102",
                    "63857392560911243568061870531660418492",
                    "96243532706110030824140961784393634458",
                    "229509219505541565945915529457539584181",
                    "319773369222130466408546408420315488895",
                    "147819627739377103061854328410232522877"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_pars_ct.cc"
            },
            "id": "ASB-A-174150451-14462885"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "234731378143251965468061532815581472551",
                    "167774733209960506572467443926203491903",
                    "47802622381427373253647455478457623346",
                    "48330210889850056886396232568450657951"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_bld_tg.cc"
            },
            "id": "ASB-A-174150451-3f734440"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "281586568184723237172444381729300620204",
                    "306697745755003438563806121171698237921",
                    "246586741718193978242302054708553414208",
                    "26712992996311895937855388050883467232",
                    "54956135029244385601389859387513915205",
                    "271920638373074614745749988322912009199",
                    "38460664457821042895159081114458950003",
                    "115501079431548383753885003523860011552",
                    "260753540820306009469377490923685320691",
                    "200185611935206458241668081075162626223",
                    "212032984932251426289010321427003686672",
                    "85944363988905834904253026670568579462",
                    "108257629627401211972918736109316858296",
                    "216950027845380205798371590433193650133",
                    "259995555082482069524698370838857702055",
                    "205609846645742308176480653515058253116",
                    "114168609634170520250270269816526217257",
                    "204378047892081571998556994878344192203",
                    "289073611432386177713347243982592391836",
                    "43529288571653165473129009061182640404"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_api.cc"
            },
            "id": "ASB-A-174150451-423e07a0"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "195777170528215756133034883432980774837",
                    "82158292724028221019740140516383577821",
                    "29249664797217387640288612680381725591",
                    "51246449051180649641476430904217421430",
                    "17672392233449697628085473547180750898",
                    "283758634364552150370415211695472900701",
                    "328828160620845234744149755929506441462",
                    "2473565245579495761465996430830724257",
                    "237534467320708155262103903879152969563",
                    "92281194400390846616166060402022375024",
                    "273786359158106482533735481861079682424",
                    "2473565245579495761465996430830724257"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_opt.cc"
            },
            "id": "ASB-A-174150451-6b451b30"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "192017400156636417478041847225283769262",
                    "204933172455221844431769346722526320436",
                    "128025510019479700929535966870254602330",
                    "106559417459498412872629760774672706722"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_bld_ct.cc"
            },
            "id": "ASB-A-174150451-d141a8aa"
        }
    ],
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"

Android / platform/system/bt

Package

Name
platform/system/bt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-04-01

Affected versions

Other
11

Ecosystem specific 

{
    "spl": "2021-04-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c"
    ],
    "types": [
        "ID"
    ],
    "vanir_signatures": [
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "212232968038250104482858979702624275750",
                    "287953352903989519456069944207679403882",
                    "14845834421420998534332396403871764925",
                    "86765202564817590807824327682356097034",
                    "8506577065875201243658029685407892248",
                    "153830244189308337431089565302096752200",
                    "73574399449172278035838437690423107102",
                    "63857392560911243568061870531660418492",
                    "96243532706110030824140961784393634458",
                    "229509219505541565945915529457539584181",
                    "319773369222130466408546408420315488895",
                    "147819627739377103061854328410232522877"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_pars_ct.cc"
            },
            "id": "ASB-A-174150451-03cf303e"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "192017400156636417478041847225283769262",
                    "204933172455221844431769346722526320436",
                    "128025510019479700929535966870254602330",
                    "106559417459498412872629760774672706722"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_bld_ct.cc"
            },
            "id": "ASB-A-174150451-29ec9366"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "195777170528215756133034883432980774837",
                    "82158292724028221019740140516383577821",
                    "29249664797217387640288612680381725591",
                    "51246449051180649641476430904217421430",
                    "17672392233449697628085473547180750898",
                    "283758634364552150370415211695472900701",
                    "328828160620845234744149755929506441462",
                    "2473565245579495761465996430830724257",
                    "237534467320708155262103903879152969563",
                    "92281194400390846616166060402022375024",
                    "273786359158106482533735481861079682424",
                    "2473565245579495761465996430830724257"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_opt.cc"
            },
            "id": "ASB-A-174150451-a2686563"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "281586568184723237172444381729300620204",
                    "306697745755003438563806121171698237921",
                    "246586741718193978242302054708553414208",
                    "26712992996311895937855388050883467232",
                    "54956135029244385601389859387513915205",
                    "271920638373074614745749988322912009199",
                    "38460664457821042895159081114458950003",
                    "115501079431548383753885003523860011552",
                    "260753540820306009469377490923685320691",
                    "200185611935206458241668081075162626223",
                    "212032984932251426289010321427003686672",
                    "85944363988905834904253026670568579462",
                    "108257629627401211972918736109316858296",
                    "216950027845380205798371590433193650133",
                    "259995555082482069524698370838857702055",
                    "205609846645742308176480653515058253116",
                    "114168609634170520250270269816526217257",
                    "204378047892081571998556994878344192203",
                    "289073611432386177713347243982592391836",
                    "43529288571653165473129009061182640404"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_api.cc"
            },
            "id": "ASB-A-174150451-a6802041"
        },
        {
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "234731378143251965468061532815581472551",
                    "167774733209960506572467443926203491903",
                    "47802622381427373253647455478457623346",
                    "48330210889850056886396232568450657951"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c",
            "target": {
                "file": "stack/avrc/avrc_bld_tg.cc"
            },
            "id": "ASB-A-174150451-d672039e"
        }
    ],
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"