ASB-A-188893559
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-188893559.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-188893559
- Aliases
-
- A-188893559
- CVE-2021-0971
- Published
- 2021-12-01T00:00:00Z
- Modified
- 2026-04-21T15:25:42.831358Z
- Summary
- [none]
- Details
-
In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"130407003408990509847617766837743465864",
"126661261809857713936724813726950350439",
"327298313001233210597092582416710992705",
"187134861346026593606578275531654738028",
"265594072352341781968374892769002522590",
"286048203133445734809555858812193155969",
"206342229608626372018235246874117795328",
"120442340107153497548420716076854226825",
"205038619628968264154546117350607330444",
"156672785600177857284569566917685691819",
"27041513861367895821381697177687360796",
"222052858770915641541326418596598908171",
"231688285497031449143415612428446521566",
"157354699372058459345056094344774560219",
"25898820081694474639530659188313523050",
"254411297442169944213995411699536614019",
"212041461865253097569538614065489310068",
"39420765489541656641619705884622210316",
"256084695141282911867047626001005886600",
"41896611912511696744511150933946918976",
"85842841450138108428978856660010834628",
"242947433218959608275094775214665085443"
]
},
"id": "ASB-A-188893559-14fb878d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/av/+/d13a4efc7a5c07c95a00036a7db15b16116b41a5",
"target": {
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 2432.0,
"function_hash": "302997053393924354128895893519666193605"
},
"id": "ASB-A-188893559-8e2cae8b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/d13a4efc7a5c07c95a00036a7db15b16116b41a5",
"target": {
"function": "MPEG4Source::MPEG4Source",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 6977.0,
"function_hash": "240936766753096735795334765645641439000"
},
"id": "ASB-A-188893559-ab3a2d15",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/d13a4efc7a5c07c95a00036a7db15b16116b41a5",
"target": {
"function": "MPEG4Source::read",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 875.0,
"function_hash": "109104405059307769068458604737755554630"
},
"id": "ASB-A-188893559-f18763bd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/d13a4efc7a5c07c95a00036a7db15b16116b41a5",
"target": {
"function": "MPEG4Source::start",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 281.0,
"function_hash": "156393031621899562568828643054737883696"
},
"id": "ASB-A-188893559-f9319eba",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/d13a4efc7a5c07c95a00036a7db15b16116b41a5",
"target": {
"function": "MPEG4Source::stop",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/d13a4efc7a5c07c95a00036a7db15b16116b41a5"
],
"types": [
"ID"
],
"spl": "2021-12-05",
"severity": "High"
}
Android / platform/frameworks/av
Package
Android / platform/frameworks/av
Package
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 710.0,
"function_hash": "203656738290453830007845030436390538376"
},
"id": "ASB-A-188893559-3c1923d8",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/1d5c36d889a2ce730685ffdf487ef37971c42ef4",
"target": {
"function": "MPEG4Source::start",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 10278.0,
"function_hash": "125956997577254263352658875871082931556"
},
"id": "ASB-A-188893559-41049e25",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/1d5c36d889a2ce730685ffdf487ef37971c42ef4",
"target": {
"function": "MPEG4Source::read",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 4692.0,
"function_hash": "33875055151062456510490058068096375231"
},
"id": "ASB-A-188893559-5c890574",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/1d5c36d889a2ce730685ffdf487ef37971c42ef4",
"target": {
"function": "MPEG4Source::MPEG4Source",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"321574769811247314751273609416809024001",
"225171250139788195278748488212190238721",
"248616298648776904614516915079911925541",
"282190448648714590751049113984733187599",
"123679115721083831063003150835082386234",
"214934196773800004921525103649850295503",
"332171114058105969196228832627989470461",
"271599469198682802962819457108573565368",
"142147131761617980804969723857932893812",
"333065124964863523346868907081019383759",
"38290672031772373048821930482019456611",
"222052858770915641541326418596598908171",
"231688285497031449143415612428446521566",
"255508728156890850427217730327713834402",
"56225122554343842981007590040086535554",
"193757175305430297528858034371647266922",
"158093320456286410543634928712222081161",
"48061167473747081923442297814071022359",
"227671036278827796055037462564300279027",
"262902866548860527790026370581031820386",
"41385525598247107887333689752097077178",
"43733170130701897297075764996936351502"
]
},
"id": "ASB-A-188893559-a9de0725",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/av/+/1d5c36d889a2ce730685ffdf487ef37971c42ef4",
"target": {
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
},
{
"digest": {
"length": 256.0,
"function_hash": "330830027588050062221341932925713882982"
},
"id": "ASB-A-188893559-be30ec97",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/av/+/1d5c36d889a2ce730685ffdf487ef37971c42ef4",
"target": {
"function": "MPEG4Source::stop",
"file": "media/extractors/mp4/MPEG4Extractor.cpp"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/1d5c36d889a2ce730685ffdf487ef37971c42ef4"
],
"types": [
"ID"
],
"spl": "2021-12-05",
"severity": "High"
}