ASB-A-198346478
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-198346478.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-198346478
- Aliases
-
- A-198346478
- CVE-2021-0966
- Published
- 2021-12-01T00:00:00Z
- Modified
- 2026-05-01T15:24:27.653932Z
- Summary
- [none]
- Details
-
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/system/tools/aidl
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/system/tools/aidl/+/f2e752316b0d9d2708bc56d20c1649e704bca030"
],
"severity": "High",
"spl": "2021-12-01",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-206c067d",
"digest": {
"line_hashes": [
"312820962761557008148303880221382425359",
"23823734065005563513966409513642516805",
"33002857817697896316689490743289806656",
"39714594035538264493668839179804785235"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/f2e752316b0d9d2708bc56d20c1649e704bca030",
"signature_type": "Line",
"target": {
"file": "generate_cpp.cpp"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-428f4e0b",
"digest": {
"length": 2239.0,
"function_hash": "326601426788344758004763648233943715918"
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/f2e752316b0d9d2708bc56d20c1649e704bca030",
"signature_type": "Function",
"target": {
"file": "generate_cpp.cpp",
"function": "BuildParcelHeader"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-640953c0",
"digest": {
"line_hashes": [
"129378056618984160971364387354311187123",
"178003074383539396753051710658857581258",
"225238775845769716849799452850860555295",
"273028201806421038180591682801863800162"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/f2e752316b0d9d2708bc56d20c1649e704bca030",
"signature_type": "Line",
"target": {
"file": "generate_ndk.cpp"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-741a9d9f",
"digest": {
"length": 992.0,
"function_hash": "222524032315743326666284216788730707453"
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/f2e752316b0d9d2708bc56d20c1649e704bca030",
"signature_type": "Function",
"target": {
"file": "generate_ndk.cpp",
"function": "GenerateParcelHeader"
}
}
],
"types": [
"ID"
]
}
Android / platform/system/tools/aidl
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088"
],
"severity": "High",
"spl": "2021-12-01",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-05cb5868",
"digest": {
"line_hashes": [
"264802842146083026036916011199573792850",
"204040046010545831252756766834823289204",
"6806657853291627825636324932845214010",
"294743258619582016492104830905565405228"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088",
"signature_type": "Line",
"target": {
"file": "generate_cpp.cpp"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-578ddbc8",
"digest": {
"line_hashes": [
"113279781244028926090189194923672148444",
"74391618858168488632270844761742943164",
"225238775845769716849799452850860555295",
"273028201806421038180591682801863800162"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088",
"signature_type": "Line",
"target": {
"file": "generate_ndk.cpp"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-5d639350",
"digest": {
"line_hashes": [
"250718133067864697922945017348274298643",
"52372194918281449002100330847136220109",
"98496241369463802619853693648845541680",
"84516898486546100705879329204325126564",
"60549146341320380808439822386520322686",
"66087812960287637138850269813056259827",
"186747283850515549722558151870431505928",
"159916955571046314316531372104725995262",
"311303759342704408277996765929478986244",
"244389655537552032501284148424871825216",
"68076576393139126643742075043240320347",
"110191790375250089414103832924326854985",
"138123917172604772914053740305500257301",
"12320108308049293518580822616258861105",
"322788696425952919733109864849010772609",
"111790049379499682798059568367686923797",
"112348007897370324614304973623611181556",
"128765566414775141195211131112138987698",
"119864308726076405577909097788658756970"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088",
"signature_type": "Line",
"target": {
"file": "tests/golden_output/aidl-test-interface-cpp-source/gen/include/android/aidl/tests/StructuredParcelable.h"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-b1825f5b",
"digest": {
"line_hashes": [
"66967101736838554154680316481538631836",
"236251703838020997560660639668582255895",
"45845238726788281392925421476760920617",
"152650760950779136808616691559163958565",
"332435470753299164675451992494096568721",
"92259272660562283691011302569012975336",
"48288453470048448400082083847194364666",
"189681335721922647839436997093688526830",
"161979024677520046017255690135461073012",
"222165546359451352255176667446033045892",
"177862384560001095647430931807351745316",
"275560139398974124159070503857220187967",
"280219198516595038208414537672341683764",
"292316102031252907198125093355093200083",
"7477696309102365821669176671113444918",
"189883291931785653866654619149685023814",
"61427490000947264933972889040432958511",
"288218642560871932972797989426715939544",
"297835768597214604458524111445427079728"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088",
"signature_type": "Line",
"target": {
"file": "tests/golden_output/aidl-test-interface-ndk_platform-source/gen/include/aidl/android/aidl/tests/StructuredParcelable.h"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-dd304f6a",
"digest": {
"length": 755.0,
"function_hash": "284803375110470307090192299003511583373"
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088",
"signature_type": "Function",
"target": {
"file": "generate_cpp.cpp",
"function": "BuildParcelFields"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-198346478-f8e048a4",
"digest": {
"length": 2088.0,
"function_hash": "336089501090492204401183314771489846266"
},
"source": "https://android.googlesource.com/platform/system/tools/aidl/+/8f9de735cc768434fe35e683d8140ccc6c70a088",
"signature_type": "Function",
"target": {
"file": "generate_ndk.cpp",
"function": "GenerateParcelHeader"
}
}
],
"types": [
"ID"
]
}