ASB-A-269456018

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-269456018.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-269456018

Aliases

A-269456018
CVE-2023-21274

Published

2023-08-01T00:00:00Z

Modified

2024-08-07T19:29:21.584511Z

Summary

[none]

Details

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/modules/NeuralNetworks

Package

Name: platform/packages/modules/NeuralNetworks

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-08-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "176601635788391476565524033691199382557",
                    "326614349900514728878898230718069872568",
                    "225124754959809905925752443612499307428",
                    "78697356797215910034281392899615031347"
                ]
            },
            "id": "ASB-A-269456018-2278b777",
            "source": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/da885e104c92c440b697834926ac4a772758d5c3",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "shim_and_sl/ShimConverter.cpp"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/da885e104c92c440b697834926ac4a772758d5c3"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/modules/NeuralNetworks

Package

Name: platform/packages/modules/NeuralNetworks

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12:0

Fixed

12:2023-08-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "176601635788391476565524033691199382557",
                    "326614349900514728878898230718069872568",
                    "225124754959809905925752443612499307428",
                    "78697356797215910034281392899615031347"
                ]
            },
            "id": "ASB-A-269456018-b329623e",
            "source": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/d7007e8569f71f10ccc454804d46a948a1b0b8a5",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "shim_and_sl/ShimConverter.cpp"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/d7007e8569f71f10ccc454804d46a948a1b0b8a5"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/modules/NeuralNetworks

Package

Name: platform/packages/modules/NeuralNetworks

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12L:0

Fixed

12L:2023-08-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "176601635788391476565524033691199382557",
                    "326614349900514728878898230718069872568",
                    "225124754959809905925752443612499307428",
                    "78697356797215910034281392899615031347"
                ]
            },
            "id": "ASB-A-269456018-881d7f30",
            "source": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/b108bc94105b1a12f0fcf21bf7e13ccdee6e4efa",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "shim_and_sl/ShimConverter.cpp"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/b108bc94105b1a12f0fcf21bf7e13ccdee6e4efa"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/modules/NeuralNetworks

Package

Name: platform/packages/modules/NeuralNetworks

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2023-08-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "176601635788391476565524033691199382557",
                    "326614349900514728878898230718069872568",
                    "225124754959809905925752443612499307428",
                    "78697356797215910034281392899615031347"
                ]
            },
            "id": "ASB-A-269456018-33da6219",
            "source": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/5d81dcf032155c2967f613629bb67f629f835636",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "shim_and_sl/ShimConverter.cpp"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/5d81dcf032155c2967f613629bb67f629f835636"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}