ASB-A-216825460
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-216825460.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-216825460
- Aliases
-
- A-216825460
- CVE-2022-20227
- Published
- 2022-07-01T00:00:00Z
- Modified
- 2026-05-01T15:24:27.653932Z
- Summary
- [none]
- Details
-
In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"https://android.googlesource.com/kernel/common/+/fb4ff0f96de37"
],
"severity": "High",
"spl": "2022-07-05",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-0c041093",
"digest": {
"length": 3917.0,
"function_hash": "51759867175630936810844205975104072139"
},
"source": "https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"signature_type": "Function",
"target": {
"file": "drivers/usb/gadget/legacy/inode.c",
"function": "gadgetfs_setup",
"truncated_path_level": 1.0
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-1e337065",
"digest": {
"line_hashes": [
"220786696602669738420112968039916400508",
"58419054149626582732950653854970518386",
"58319612690254011723664119190774671516"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"signature_type": "Line",
"target": {
"file": "drivers/usb/gadget/legacy/dbgp.c",
"truncated_path_level": 1.0
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-2435716f",
"digest": {
"line_hashes": [
"332656553028460648197238486507283164994",
"184822845197430248537449464647837682435",
"24535556639354158768388367629306163538"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"signature_type": "Line",
"target": {
"file": "drivers/usb/gadget/composite.c",
"truncated_path_level": 1.0
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-332e6bf0",
"digest": {
"length": 1417.0,
"function_hash": "211557554950156766019146613511635348846"
},
"source": "https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"signature_type": "Function",
"target": {
"file": "drivers/usb/gadget/legacy/dbgp.c",
"function": "dbgp_setup",
"truncated_path_level": 1.0
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-3492eeb3",
"digest": {
"line_hashes": [
"282852417431766263490676553128712597531",
"110705312730213592619630503319076438808",
"94219566278308689484813984906675955552",
"36491830421415711599610514669873140861",
"30790627971595482618317624871770110268",
"288531739672159843520527013539581497894",
"39603869017474101200293526634541239352",
"45180091331208902342353969121843865020",
"143434519509247879588825429509241155734"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/fb4ff0f96de37",
"signature_type": "Line",
"target": {
"file": "drivers/usb/gadget/function/rndis.c"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-444ae947",
"digest": {
"length": 8448.0,
"function_hash": "5478919993484057482267054353714439302"
},
"source": "https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"signature_type": "Function",
"target": {
"file": "drivers/usb/gadget/composite.c",
"function": "composite_setup",
"truncated_path_level": 1.0
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-47e64c35",
"digest": {
"line_hashes": [
"294771366740492330844059928101261168882",
"329472988511519008266114862851615948738",
"230055354007917815238754878125146233726",
"241615109029172640209368064780730838459",
"64969316027898508467714672781279523538",
"30332420178214091468338430140846186405",
"255997175657941735343107809281305721211",
"128343364494571164832515145964696539800",
"192991251693947936407784405714326144362",
"63161658648569397665050629489358928343"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/7193ad3e50e59",
"signature_type": "Line",
"target": {
"file": "drivers/usb/gadget/legacy/inode.c",
"truncated_path_level": 1.0
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-216825460-cce2960c",
"digest": {
"length": 1018.0,
"function_hash": "221946459094492974610708965816765957224"
},
"source": "https://android.googlesource.com/kernel/common/+/fb4ff0f96de37",
"signature_type": "Function",
"target": {
"file": "drivers/usb/gadget/function/rndis.c",
"function": "rndis_set_response"
}
}
],
"types": [
"ID"
]
}