ASB-A-245135112
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-245135112.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-245135112
- Aliases
-
- A-245135112
- CVE-2023-35687
- Published
- 2023-09-01T00:00:00Z
- Modified
- 2024-08-07T19:29:52.613495Z
- Summary
- [none]
- Details
-
In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49440150004597398374299339656218450864",
"135677111807147160386708736057925333638",
"202537571553025539675748916310275647158",
"296972742206731287151675506359443186515"
]
},
"id": "ASB-A-245135112-0858d31e",
"source": "https://android.googlesource.com/platform/frameworks/av/+/3afa6e80e8568fe63f893fa354bc79ef91d3dcc0",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/mtp/MtpProperty.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/3afa6e80e8568fe63f893fa354bc79ef91d3dcc0"
],
"spl": "2023-09-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49440150004597398374299339656218450864",
"135677111807147160386708736057925333638",
"202537571553025539675748916310275647158",
"296972742206731287151675506359443186515"
]
},
"id": "ASB-A-245135112-c2c06a9e",
"source": "https://android.googlesource.com/platform/frameworks/av/+/d44311374e41a26b28db56794c9a7890a13a6972",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/mtp/MtpProperty.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/d44311374e41a26b28db56794c9a7890a13a6972"
],
"spl": "2023-09-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49440150004597398374299339656218450864",
"135677111807147160386708736057925333638",
"202537571553025539675748916310275647158",
"296972742206731287151675506359443186515"
]
},
"id": "ASB-A-245135112-b87de1b5",
"source": "https://android.googlesource.com/platform/frameworks/av/+/c138d20635694857754f2b7de2342089de13d556",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/mtp/MtpProperty.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/c138d20635694857754f2b7de2342089de13d556"
],
"spl": "2023-09-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49440150004597398374299339656218450864",
"135677111807147160386708736057925333638",
"202537571553025539675748916310275647158",
"296972742206731287151675506359443186515"
]
},
"id": "ASB-A-245135112-cbf2e1fd",
"source": "https://android.googlesource.com/platform/frameworks/av/+/5825299cf697df203ce42f67f741731b97f96071",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/mtp/MtpProperty.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/5825299cf697df203ce42f67f741731b97f96071"
],
"spl": "2023-09-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49440150004597398374299339656218450864",
"135677111807147160386708736057925333638",
"202537571553025539675748916310275647158",
"296972742206731287151675506359443186515"
]
},
"id": "ASB-A-245135112-96b0935d",
"source": "https://android.googlesource.com/platform/frameworks/av/+/99d0823ca2b8275f000a437150fb8d1938b1b31a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/mtp/MtpProperty.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/99d0823ca2b8275f000a437150fb8d1938b1b31a"
],
"spl": "2023-09-01",
"severity": "High",
"types": [
"EoP"
]
}