In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/a27822a79554c8cd875eac826ab84f550a7ea006" ], "vanir_signatures": [ { "source": "https://android.googlesource.com/platform/frameworks/base/+/a27822a79554c8cd875eac826ab84f550a7ea006", "signature_type": "Function", "deprecated": false, "digest": { "length": 9123.0, "function_hash": "181116009843264885544175333191855524801" }, "target": { "file": "libs/androidfw/LoadedArsc.cpp", "function": "LoadedPackage::Load" }, "signature_version": "v1", "id": "ASB-A-203938029-7597b1d4" }, { "source": "https://android.googlesource.com/platform/frameworks/base/+/a27822a79554c8cd875eac826ab84f550a7ea006", "signature_type": "Line", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "88503139530149035342909553538189157400", "179056582815394341313746471977935240601", "328373188247067051346367725971177865524", "32852578828518611587623288540746871338" ] }, "target": { "file": "libs/androidfw/LoadedArsc.cpp" }, "signature_version": "v1", "id": "ASB-A-203938029-e930b640" } ], "types": [ "ID" ], "spl": "2022-02-01", "severity": "High" }