ASB-A-204077881

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-204077881.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-204077881
Aliases
  • A-204077881
  • CVE-2021-39665
Published
2022-02-01T00:00:00Z
Modified
2025-07-15T14:57:05.684759Z
Summary
[none]
Details

In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/frameworks/av

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2022-02-01

Affected versions

Other

12

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "severity": "High",
    "vanir_signatures": [
        {
            "digest": {
                "function_hash": "69447002832914259517445382002834504670",
                "length": 404.0
            },
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/av/+/cc538ed26803328445d52383f91025b357cda47d",
            "deprecated": false,
            "id": "ASB-A-204077881-15210b66",
            "signature_type": "Function",
            "target": {
                "file": "media/libstagefright/rtsp/AAVCAssembler.cpp",
                "function": "AAVCAssembler::checkSpsUpdated"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "329137829467727028975304135906492061630",
                    "91765238030631839877653982970183501961",
                    "78904361420780750818517263595879144632",
                    "25371881439428296618679050946846425773"
                ]
            },
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/av/+/cc538ed26803328445d52383f91025b357cda47d",
            "deprecated": false,
            "id": "ASB-A-204077881-e937756a",
            "signature_type": "Line",
            "target": {
                "file": "media/libstagefright/rtsp/AAVCAssembler.cpp"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/av/+/cc538ed26803328445d52383f91025b357cda47d"
    ],
    "spl": "2022-02-01"
}