ASB-A-174488848

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-174488848.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-174488848
Aliases
  • A-174488848
  • CVE-2021-0427
Published
2021-04-01T00:00:00Z
Modified
2026-06-17T15:23:34.405473849Z
Summary
[none]
Details

In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-04-01

Affected versions

Other
11

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d"
    ],
    "types": [
        "EoP"
    ],
    "severity": "High",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d",
            "digest": {
                "function_hash": "188024527720341225668169443149594420673",
                "length": 360.0
            },
            "id": "ASB-A-174488848-1b169a3f",
            "deprecated": false,
            "target": {
                "file": "cmds/statsd/src/logd/LogEvent.cpp",
                "function": "LogEvent::parseIsUidAnnotation"
            }
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d",
            "digest": {
                "function_hash": "175558666796953796107220613602050330302",
                "length": 308.0
            },
            "id": "ASB-A-174488848-407af62f",
            "deprecated": false,
            "target": {
                "file": "cmds/statsd/src/logd/LogEvent.cpp",
                "function": "LogEvent::parsePrimaryFieldFirstUidAnnotation"
            }
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d",
            "digest": {
                "function_hash": "27933596714342811403091895685666575677",
                "length": 728.0
            },
            "id": "ASB-A-174488848-55386cee",
            "deprecated": false,
            "target": {
                "file": "cmds/statsd/src/logd/LogEvent.cpp",
                "function": "LogEvent::parseAttributionChain"
            }
        },
        {
            "signature_version": "v1",
            "id": "ASB-A-174488848-6fe2a9fc",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "45749945900986651682789447668107471330",
                    "28869259496116186635508926806468558931",
                    "160834301108951043881162725229594969326",
                    "18874651716543263524434139933451271809",
                    "203918327907375847094678183796057978731",
                    "329971401263944470619549188024000808606",
                    "55934563699274621057207141966045347719",
                    "207866826045089815824017946649784574558",
                    "110556709531097063407242079472807619929",
                    "277499338303590650957135787045604223637",
                    "146807033573007738003213150918496229092",
                    "156380502050762537571943980764666516149",
                    "280594966967257434157700784230914616702",
                    "308198527780794404026347645098229454075",
                    "73417190750867575356364092400627357371",
                    "86096920714566775930946761854421095523",
                    "248627709479850686139320298113134961657",
                    "265510423570908768279337265549062139462",
                    "199349127725739113474365462728514023771",
                    "204757152196314333857303319276180467059",
                    "229686488660786311839501590523233361937"
                ]
            },
            "signature_type": "Line",
            "deprecated": false,
            "target": {
                "file": "cmds/statsd/src/logd/LogEvent.cpp"
            }
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "47235136532193763404419238827143392553",
                    "53250033784873243882588688827608939735",
                    "108587633537507210242609878158511307392"
                ]
            },
            "id": "ASB-A-174488848-96e690e7",
            "deprecated": false,
            "target": {
                "file": "cmds/statsd/tests/LogEvent_test.cpp"
            }
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/53251a491faab1fb88e28b7cafe5913842b8d71d",
            "digest": {
                "function_hash": "26104577300647160386060994418956620013",
                "length": 365.0
            },
            "id": "ASB-A-174488848-c3ee23f3",
            "deprecated": false,
            "target": {
                "file": "cmds/statsd/src/logd/LogEvent.cpp",
                "function": "LogEvent::parseExclusiveStateAnnotation"
            }
        }
    ],
    "spl": "2021-04-01"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-174488848.json"