ASB-A-197154735
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-197154735.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-197154735
- Aliases
-
- A-197154735
- CVE-2021-3655
- Published
- 2022-03-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In sctpv6toskdaddr, sctpv4fromaddrparam, and related functions of ipv6.c, protocol.c, and related files, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to an on-path attacker with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2022-03-01
- https://android.googlesource.com/kernel/common/+/d4dbef7046e2
- https://android.googlesource.com/kernel/common/+/6ef81a5c0e22
- https://android.googlesource.com/kernel/common/+/ffca46766850
- https://android.googlesource.com/kernel/common/+/ccb79116c372
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319872455416741868154525112673086169630",
"318785066969120397515887542605080825695",
"269008782228824201291334745388847527482",
"226099781272639869086013039852383336582",
"23556598109777606127059624945599499762",
"282407037343854269496803204655760042880",
"191604920020212455166062334884179772589",
"316679750347332238179019368906048465604",
"198200688592984841098201210434194159816",
"334882301664326064853910008725330629445",
"139314356529266086490599295401484699460",
"92352173138167512478188646722673212123"
]
},
"id": "ASB-A-197154735-009177c8",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/ipv6.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 4208.0,
"function_hash": "44721557616626414168347882360334896909"
},
"id": "ASB-A-197154735-055266e9",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c",
"function": "sctp_process_param"
},
"signature_type": "Function"
},
{
"digest": {
"length": 300.0,
"function_hash": "266570159968650891641632102206381204374"
},
"id": "ASB-A-197154735-0bf9cfb0",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/protocol.c",
"function": "sctp_v4_from_addr_param"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"201060738195831512752449717983112167090",
"312828031511204880988126375400111007786",
"330355049124054774009933549472370367365",
"172269707277083811375777500478852330341",
"250865455974865579964467690974684165199",
"40564180299259515422528712831430841251",
"51649931177999001946187000123119815294",
"409632732630359637462029247308281936"
]
},
"id": "ASB-A-197154735-16dc8499",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 437.0,
"function_hash": "208801820935872392874241829244546412525"
},
"id": "ASB-A-197154735-1911d6f3",
"source": "https://android.googlesource.com/kernel/common/+/ffca46766850",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c",
"function": "__sctp_rcv_asconf_lookup"
},
"signature_type": "Function"
},
{
"digest": {
"length": 536.0,
"function_hash": "97921282950544371277177601022199156737"
},
"id": "ASB-A-197154735-44a0574c",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c",
"function": "__sctp_rcv_init_lookup"
},
"signature_type": "Function"
},
{
"digest": {
"length": 416.0,
"function_hash": "228263391488194653314713413840568254951"
},
"id": "ASB-A-197154735-508187ef",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c",
"function": "__sctp_rcv_asconf_lookup"
},
"signature_type": "Function"
},
{
"digest": {
"length": 3143.0,
"function_hash": "331181709922088180305968265864422450057"
},
"id": "ASB-A-197154735-618351a3",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c",
"function": "sctp_process_init"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"171932419743365859902522573802984183876",
"68093198072787372655318080847370786612",
"72610886348661911869033524688134129206",
"47793839621803675345277270164852712765",
"93671090787341487362355326616871830886",
"307916539668414732537825239659940713908",
"331740394158809723924744408451029890856",
"143427573846467008335320598663845827247",
"138831018301970915462637169265269355079",
"285956176336550308537981483114355788670",
"92957202492025370901550784172734821087",
"331890919833868215415854263750538962828",
"275657822953743518733249345407216536554",
"61512379430032405464936180322699763922",
"222047732856887700154086958059128282781",
"26041613716666252212316493532361886451",
"164983739421162262947291107470224068049",
"156544267193820752520856977892944671282",
"117582297360928748143689471088576916537",
"331945818685919436889161763812266013978",
"241239983503591545056452099645268506000"
]
},
"id": "ASB-A-197154735-8396b8be",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/bind_addr.c"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"242829979619397599977883532548698108168",
"234431321308951029932643154456578844057",
"235355240468847519140556084239080044852"
]
},
"id": "ASB-A-197154735-892e1631",
"source": "https://android.googlesource.com/kernel/common/+/ffca46766850",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2073.0,
"function_hash": "234833085978943431289339572569141262284"
},
"id": "ASB-A-197154735-904c54e7",
"source": "https://android.googlesource.com/kernel/common/+/ccb79116c372",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c",
"function": "sctp_verify_param"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"312789149710644670503005044428590360979",
"234079718974528385994289072786547331468",
"219820592743440995040924486933693691167",
"33264822743273801620183520077485636776",
"227090591449711584788748834464605989554",
"321292073519805558616535975167150416667",
"112295524801490708206821826555807149711",
"145859656015189703428969608444379563204",
"306846967501754343108477523114072172403",
"270473707990483251169923373366083754215",
"325856334921268129219794418142807117618"
]
},
"id": "ASB-A-197154735-aa7d0137",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/protocol.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1092.0,
"function_hash": "256280570640338747947147888507786003280"
},
"id": "ASB-A-197154735-b46f4728",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c",
"function": "sctp_asconf_param_success"
},
"signature_type": "Function"
},
{
"digest": {
"length": 280.0,
"function_hash": "147393116978498003003633878870966291709"
},
"id": "ASB-A-197154735-b709b17c",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/ipv6.c",
"function": "sctp_v6_from_addr_param"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2268.0,
"function_hash": "8383324601591247335352833925151057719"
},
"id": "ASB-A-197154735-b86c952b",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c",
"function": "sctp_process_asconf_param"
},
"signature_type": "Function"
},
{
"digest": {
"length": 815.0,
"function_hash": "27815219120888066628602330213237472950"
},
"id": "ASB-A-197154735-c36fca53",
"source": "https://android.googlesource.com/kernel/common/+/6ef81a5c0e22",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c",
"function": "__sctp_rcv_walk_lookup"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"33772260516173713241280823439827352880",
"333175849891674280776353772628503892199",
"219506453785132551564155101634667983231",
"16556209984764777448728369147256098214",
"301456673741716762008298920004142747977",
"253675174733378680096679438421237067897",
"112410010730092249455035190042968095345",
"9045208159149264770149546834491048002",
"287600237161489042593147806149109454351",
"33889876901267693467395044382401092173",
"17107418306437790592284866494946322251",
"25252553585159467526630519239458758108",
"22835495697544277299028349829831683119",
"22848106196364409413056639442692414714",
"38988135239649796712729241304077606934",
"322139641330971632130802326824213800081",
"60061315846835957469554269837800437201",
"61528767918231280428238970724022328012",
"16307233669872198597213056723631883161",
"7766984668562187532400533173776566993",
"74935113518987315932360835631325617139",
"262858685671842691693409595654307706752",
"127540505856781571795827886959507281970",
"304274818080428764349879637412203234258",
"61536167233431285404110444845602793501",
"164869435610930978515265514615239941853",
"335966920810010589132726041236188443364"
]
},
"id": "ASB-A-197154735-d56dee69",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"243552120855091497635614489633826757014",
"269433266445487767574456592413217635887",
"155990392471420566576289089014816793172",
"209969045115756028797992891871247136747",
"134643221605587728826331283037120558227",
"57970866878800444482302228566114571503"
]
},
"id": "ASB-A-197154735-e936ffc2",
"source": "https://android.googlesource.com/kernel/common/+/ccb79116c372",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/sm_make_chunk.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 694.0,
"function_hash": "83593734613677091862336619744786311254"
},
"id": "ASB-A-197154735-eeb591cb",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/bind_addr.c",
"function": "sctp_raw_to_bind_addrs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"144713636533299592796544083623329395760",
"195210498813989855585093030782894126774",
"139140305018463407437812360337360376722",
"182156966814981423755249394354189561591"
]
},
"id": "ASB-A-197154735-f97b1583",
"source": "https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "include/net/sctp/structs.h"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"275486513023900108687532720846205787000",
"100584992212719945187372757703727362304",
"131953216273510178192844036489523571527",
"255036424015238203291095256488288538437"
]
},
"id": "ASB-A-197154735-fd17a961",
"source": "https://android.googlesource.com/kernel/common/+/6ef81a5c0e22",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "net/sctp/input.c"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/kernel/common/+/d4dbef7046e2",
"https://android.googlesource.com/kernel/common/+/6ef81a5c0e22",
"https://android.googlesource.com/kernel/common/+/ffca46766850",
"https://android.googlesource.com/kernel/common/+/ccb79116c372"
],
"spl": "2022-03-05",
"severity": "High",
"types": [
"ID"
]
}