In read_paint of ttcolr.c, there is a possible out-of-bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"306028730103453001949389040698110809210",
"139551454863163921199091447580440890743",
"146481857632338490229451060853437642193",
"52923008947120250382686592499354124373",
"103390494577978554655663562106019007429",
"311535720356207440618201013295517544080",
"263791282487955854066239476330548281248",
"154550138651895736634106501555028627147",
"126023655564957189324895948395724503363",
"47841667429785024774877606583258177440",
"157831469805408457417433933344796030494",
"128238996367472570062047381139380673765",
"110644623379568852099709327847126581659",
"105553687388233691960296314805900136071",
"50111659023819480512636344661363422627",
"170745083070249731896637414250525299775",
"271829570882408219265880480877109604417",
"131818949153970063885003368394068527294",
"313801983922143130188867348647693009890",
"313610615790584256513557166397042661607",
"208628776772681940669443923441209641379",
"244930656989140677336386094008945216271",
"12672997220747165287942532257231905775",
"78220747209021846639297174279767866836",
"39112473556601994622699064173279287430",
"272372914479427644101259402595087452638",
"334765934514828448194691644195121841919",
"92739665075054122881410002459718624740",
"336595512376344382895362844154876546483",
"108152522950872298177532387053883185371",
"16191347676968857858877719674763164388",
"75773312977215286259429635251826035787",
"188409672356226176053788052145871893533",
"91143965747346509511241320602927864971",
"272698422234510055857249334519843134540",
"93548487298838510260721883110491236706",
"159085700099597414715421493584185808081",
"286302697220326232021711404906086561976",
"219113390765323762551543646848130750715",
"286709817848932883390923149620027314800",
"251711439383684670559968540234682477315",
"146492862162375426727754448507183125894",
"3826590563765277584297568531103087788",
"21363079221283039628355594746609282564",
"35279173998540991358487128469439539082",
"124818387315921630012688634714708409857",
"309706396900603377093330220940426574748",
"4065293868813772577317159028262253465",
"51722676836173464740452856352123558567",
"111385093176625424726810537903159486445",
"42700529971238162577034322091016376653",
"26453188124286742715656649985588049099",
"44758196280328814276824374934087830486",
"128811308591740885678058902910867905206",
"219777835619492577551760383867886024167",
"112445417634223826472403462108176778983",
"235377609065164758842094833296701734689",
"248590775977334896468842175376274499402",
"121347156128466578282184259951802446038",
"239902161045098148916876693761450559412",
"36943730272097728288876688975513481448",
"120653563891354915867545929761197940610",
"196772659357566858624513698937506685528",
"84000472345732681592580113441802261646",
"113042475703390595762514377063929626949",
"40708619659630716894572737856881413665",
"62728794434925583579805085429507648300",
"231435349030168719952753608234201717757",
"100165521904982659079436998922500697565",
"69869752435190240569589921259717445370",
"274721578920433698004389192039801651657",
"250253667760252061623450827911287889505",
"141137264133873383923089780289888986928",
"138507170756007196890016410753863032880",
"65560529895864474444280617841624897041",
"230970938259886824516699882421850430277",
"179834360902633010314850207246579288008",
"38683025683833032981472370768473397668",
"330774469270102111921943588653901196954",
"83957305151142334745416304181683574066",
"134105816972824297494678382552876023852",
"313261455380631391363597566642671202672",
"213001289923340008701256667973412945343",
"63608630149708990954475705771229600003",
"152142401467115816188922512903659338026",
"64875136997337305080492253441712431503"
]
},
"id": "ASB-A-254803162-1028b8bf",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/external/freetype/+/b56d29a0a69d9fe7b8e377b3397d1e326761dfab",
"target": {
"file": "src/sfnt/ttcolr.c"
}
},
{
"digest": {
"length": 966.0,
"function_hash": "324248395258620335472283662895952390797"
},
"id": "ASB-A-254803162-671b0736",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/external/freetype/+/b56d29a0a69d9fe7b8e377b3397d1e326761dfab",
"target": {
"function": "tt_face_get_paint_layers",
"file": "src/sfnt/ttcolr.c"
}
},
{
"digest": {
"length": 7170.0,
"function_hash": "102613444367544991272758447049686408626"
},
"id": "ASB-A-254803162-e69c6e1b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/external/freetype/+/b56d29a0a69d9fe7b8e377b3397d1e326761dfab",
"target": {
"function": "read_paint",
"file": "src/sfnt/ttcolr.c"
}
},
{
"digest": {
"length": 383.0,
"function_hash": "216580915472578561713184683606363861758"
},
"id": "ASB-A-254803162-eddf7dc5",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/external/freetype/+/b56d29a0a69d9fe7b8e377b3397d1e326761dfab",
"target": {
"function": "read_color_line",
"file": "src/sfnt/ttcolr.c"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/external/freetype/+/b56d29a0a69d9fe7b8e377b3397d1e326761dfab"
],
"types": [
"ID"
],
"spl": "2023-03-01",
"severity": "High"
}