ASB-A-260821414
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-260821414.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-260821414
- Aliases
-
- A-260821414
- CVE-2023-21102
- Published
- 2023-05-01T00:00:00Z
- Modified
- 2024-08-07T19:30:11.016648Z
- Summary
- EFI Linux/arm64 code can be subverted to overwrite the shadow call stack pointer
- Details
-
In _efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"179337840841991355642887043988593067606",
"5773807457505110754444059043052909632",
"282730260334074690969290374034554911948",
"134253192418214020651208017925988575156",
"232811901045737453688945005799129261957",
"218620793557511025058338371865771396683",
"339105349812813529627753795168013015537",
"276077201739349405452701792039390901192",
"253288503435522497287142918487731045661",
"226981391358113279537999084226866317163",
"88902760063645305806195411021768245062"
]
},
"id": "ASB-A-260821414-eb7a78e9",
"source": "https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "arch/arm64/include/asm/efi.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/kernel/common/+/ec6fe823507b2f6ef4a58f3a9bee9a5ec086c32c",
"https://android.googlesource.com/kernel/common/+/984241bdc04f401c423005a52eb013b00e19358c"
],
"spl": "2023-05-05",
"severity": "High",
"types": [
"EoP"
]
}