ASB-A-216481035
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-216481035.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-216481035
- Aliases
-
- A-216481035
- CVE-2022-20008
- Published
- 2022-05-01T00:00:00Z
- Modified
- 2025-10-27T15:26:11.562129Z
- Summary
- [none]
- Details
-
In mmcblkread_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2022-05-01
- https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb
- https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90
- https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"types": [
"ID"
],
"spl": "2022-05-05",
"severity": "High",
"vanir_signatures": [
{
"id": "ASB-A-216481035-0d8a59c6",
"deprecated": false,
"digest": {
"length": 978.0,
"function_hash": "290459416158443490269445564131014734238"
},
"signature_version": "v1",
"target": {
"function": "mmc_blk_read_single",
"file": "drivers/mmc/core/block.c",
"truncated_path_level": 1.0
},
"signature_type": "Function",
"source": "https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5"
},
{
"id": "ASB-A-216481035-3203c8b1",
"deprecated": false,
"digest": {
"length": 978.0,
"function_hash": "290459416158443490269445564131014734238"
},
"signature_version": "v1",
"target": {
"function": "mmc_blk_read_single",
"file": "drivers/mmc/core/block.c",
"truncated_path_level": 1.0
},
"signature_type": "Function",
"source": "https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90"
},
{
"id": "ASB-A-216481035-8719bca4",
"deprecated": false,
"digest": {
"line_hashes": [
"2907444189528137582598791217727045976",
"80646727252109438267268950575052761574",
"214455761909637698135983059591719148404",
"314224666913841343005414661948040423198",
"301079217581052051189090274480861617100",
"333000515435920061536231456913963985304",
"130151144031969264003597906697477326274",
"248909641728583318544137915805454314577",
"41714600779776968329513128334675758975",
"145170706701966385612643393627647051505",
"269644774211126604351262929141648861431",
"200409849303713783695564726255665398656",
"254740679565737498548231481744941635265",
"95260411534038648523560557426888444784",
"149451371566647158598358333914912173079",
"246028754277326850540093589276958046608",
"123655838134129163841804075222723179401",
"336965310461298005801655302288838830825",
"91701752304520966890165163965022529758",
"184328425099164550879843336430941754535",
"14189298840319197261086693072886128807"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "drivers/mmc/core/block.c",
"truncated_path_level": 1.0
},
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5"
},
{
"id": "ASB-A-216481035-91b2ef5b",
"deprecated": false,
"digest": {
"line_hashes": [
"2907444189528137582598791217727045976",
"80646727252109438267268950575052761574",
"214455761909637698135983059591719148404",
"314224666913841343005414661948040423198",
"301079217581052051189090274480861617100",
"333000515435920061536231456913963985304",
"130151144031969264003597906697477326274",
"248909641728583318544137915805454314577",
"41714600779776968329513128334675758975",
"145170706701966385612643393627647051505",
"82779074392281770542715410463218417675",
"321248953353821862450469011039827550385",
"324843245304616300959363174425865350731",
"151898391135442215427971803908467078645",
"149451371566647158598358333914912173079",
"246028754277326850540093589276958046608",
"123655838134129163841804075222723179401",
"336965310461298005801655302288838830825",
"91701752304520966890165163965022529758",
"184328425099164550879843336430941754535",
"14189298840319197261086693072886128807"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "drivers/mmc/core/block.c",
"truncated_path_level": 1.0
},
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90"
},
{
"id": "ASB-A-216481035-d11d0f38",
"deprecated": false,
"digest": {
"length": 978.0,
"function_hash": "290459416158443490269445564131014734238"
},
"signature_version": "v1",
"target": {
"function": "mmc_blk_read_single",
"file": "drivers/mmc/core/block.c",
"truncated_path_level": 1.0
},
"signature_type": "Function",
"source": "https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb"
},
{
"id": "ASB-A-216481035-ee7289ad",
"deprecated": false,
"digest": {
"line_hashes": [
"2907444189528137582598791217727045976",
"80646727252109438267268950575052761574",
"214455761909637698135983059591719148404",
"314224666913841343005414661948040423198",
"301079217581052051189090274480861617100",
"333000515435920061536231456913963985304",
"130151144031969264003597906697477326274",
"248909641728583318544137915805454314577",
"41714600779776968329513128334675758975",
"145170706701966385612643393627647051505",
"82779074392281770542715410463218417675",
"321248953353821862450469011039827550385",
"324843245304616300959363174425865350731",
"151898391135442215427971803908467078645",
"149451371566647158598358333914912173079",
"246028754277326850540093589276958046608",
"123655838134129163841804075222723179401",
"336965310461298005801655302288838830825",
"91701752304520966890165163965022529758",
"184328425099164550879843336430941754535",
"14189298840319197261086693072886128807"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "drivers/mmc/core/block.c",
"truncated_path_level": 1.0
},
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb"
}
],
"fixes": [
"https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb",
"https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90",
"https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5"
]
}