ASB-A-213169612

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-213169612.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-213169612

Aliases

A-213169612
CVE-2021-39798

Published

2022-04-01T00:00:00Z

Modified

2026-05-01T15:24:27.653932Z

Summary

[none]

Details

In Bitmap_createFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12:0

Fixed

12:2022-04-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/a52463fd6e71dd0563b3fd8883b4ccaf9f858e8b"
    ],
    "severity": "High",
    "spl": "2022-04-01",
    "vanir_signatures": [
        {
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-213169612-1fa480c4",
            "digest": {
                "length": 1091.0,
                "function_hash": "298723804618210622839170125048816206607"
            },
            "source": "https://android.googlesource.com/platform/frameworks/base/+/a52463fd6e71dd0563b3fd8883b4ccaf9f858e8b",
            "signature_type": "Function",
            "target": {
                "file": "libs/hwui/jni/Bitmap.cpp",
                "function": "readBlob"
            }
        },
        {
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-213169612-744edf78",
            "digest": {
                "line_hashes": [
                    "266940641778186271866308530012146931755",
                    "134935205797807340712525054349880971403",
                    "171265355272777184913210828042316108610",
                    "133986448833256767128279036091857926309",
                    "109494114485040037795143545000596918024",
                    "112989504939797086154816508027829577274",
                    "105485686445977056688041581686711479221",
                    "135864330342260059480847191298899514970",
                    "137695649785554190667041293028485676745",
                    "5143597894172950500846437306196644155",
                    "247342482795181788939364105810181033524",
                    "152136980744809224016368491168192611787",
                    "224572554855085605716299869588936496471",
                    "10527546642301129621937105445842490683",
                    "72181011004665163325778608617443450080",
                    "312375336833074828332809641563836110834",
                    "276999878176087488419289360253581284940",
                    "102779650256351647895689418430519148892",
                    "111506834329235192579738431474292614497",
                    "238315880751827910418473125769919670870",
                    "118674983319243195874539893906826933015",
                    "299408165301620595386164836616322766701",
                    "212358219752102462755019565970264053481",
                    "88635882593219811637920904833607027486",
                    "183592633330104206910238041767769170097",
                    "64561312864262026145385672497871425421",
                    "117167398424197783359649220834771308833",
                    "124113715689834575848019527548738463802",
                    "41953089415888579848886477307023923384",
                    "49348247240288722149282036387251972336",
                    "151529537084475421808189218427468043085",
                    "70866061804200166391843393247438832936",
                    "124080396256517005523343692377585138235",
                    "268780280152106401896730617865992259409",
                    "38018975486190279725620322635740032435",
                    "218765315951525777160099138459380053489",
                    "332759062103260616126780964962032309307",
                    "100099594786023010934379429141002890867",
                    "31520142473009231543661306676353784509",
                    "177044517232391069709154446997312219037",
                    "261577655648236193359564407731469647553",
                    "32084054888982228337732647728637996568",
                    "166419116124279963279601817505773587879",
                    "83137984006902329856373014592213398901",
                    "64705325922269890852145519755812279894",
                    "173786163302649528980616219057508420232",
                    "140699939495861654492147727087722041132",
                    "311064847245759385108463228089070803348",
                    "248628769412137846834283109888606066732"
                ],
                "threshold": 0.9
            },
            "source": "https://android.googlesource.com/platform/frameworks/base/+/a52463fd6e71dd0563b3fd8883b4ccaf9f858e8b",
            "signature_type": "Line",
            "target": {
                "file": "libs/hwui/jni/Bitmap.cpp"
            }
        },
        {
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-213169612-b18ff1c5",
            "digest": {
                "length": 2742.0,
                "function_hash": "80049770482475436318459513906402584726"
            },
            "source": "https://android.googlesource.com/platform/frameworks/base/+/a52463fd6e71dd0563b3fd8883b4ccaf9f858e8b",
            "signature_type": "Function",
            "target": {
                "file": "libs/hwui/jni/Bitmap.cpp",
                "function": "Bitmap_createFromParcel"
            }
        }
    ],
    "types": [
        "EoP"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-213169612.json"