ASB-A-285645039
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-285645039.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-285645039
- Aliases
-
- A-285645039
- CVE-2023-40115
- Published
- 2023-11-01T00:00:00Z
- Modified
- 2025-02-26T22:48:49Z
- Summary
- [none]
- Details
-
In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/StatsD
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 222.0,
"function_hash": "190139916014078794201190441593495255888"
},
"id": "ASB-A-285645039-2321da57",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/3937ea3cdcf531a14cdba4ef176d8aa89d9d6066",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::readLogs"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2525.0,
"function_hash": "170025933828175594194721604275166181251"
},
"id": "ASB-A-285645039-9bfacc48",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/3937ea3cdcf531a14cdba4ef176d8aa89d9d6066",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "mInitEventDelaySecs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"24938293731554636473098398205316056354",
"18944739092555810520413270013999179633",
"62673561178611369184800734059699398735",
"107651199482235546255415669659835414516",
"15664087137759784019850001285856476293",
"52788991262695293056646716387794235053"
]
},
"id": "ASB-A-285645039-bfd554da",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/3937ea3cdcf531a14cdba4ef176d8aa89d9d6066",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.h"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"284175425589097230727147656800977346044",
"334369693926564463613608742465654614201",
"288223269456115365291245602458738083098",
"148667828061323797183185443430761605895",
"283245882279883015538077767184721125668",
"91011422154839185681590367440624013254",
"228991447056343218450583282699753578122",
"200991055704848072321835649022205081417",
"314445733331473514438239458627334934923",
"290215494774479982526444497481484572928",
"150837300128228537133125342259255129700",
"158274056577435042297687633569209542541",
"299056411393582019832200088668149889192",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392"
]
},
"id": "ASB-A-285645039-d3caf925",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/3937ea3cdcf531a14cdba4ef176d8aa89d9d6066",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 37.0,
"function_hash": "290532900627309439606711308425738821162"
},
"id": "ASB-A-285645039-efd083d9",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/3937ea3cdcf531a14cdba4ef176d8aa89d9d6066",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::~StatsService"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/StatsD/+/3937ea3cdcf531a14cdba4ef176d8aa89d9d6066"
],
"spl": "2023-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 222.0,
"function_hash": "190139916014078794201190441593495255888"
},
"id": "ASB-A-285645039-5abb01b1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/03de4e4f1a0546fdd3b002651851bee9ffe0e11b",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "cmds/statsd/src/StatsService.cpp",
"function": "StatsService::readLogs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"9560257399028977192882822136888446391",
"6814727255881169936930416864601371522",
"95344555408575203031917538580592384557",
"131440157779380392246526055656246270484",
"208613213791790390267597640934962107644",
"94612942637015893079560201185174185719",
"149102618012575246417676794546503739423"
]
},
"id": "ASB-A-285645039-73a84601",
"source": "https://android.googlesource.com/platform/frameworks/base/+/03de4e4f1a0546fdd3b002651851bee9ffe0e11b",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "cmds/statsd/src/StatsService.h"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162094486690609551357265491806306373800",
"21343630666638973742897342745690999120",
"288223269456115365291245602458738083098",
"148667828061323797183185443430761605895",
"283245882279883015538077767184721125668",
"91011422154839185681590367440624013254",
"228991447056343218450583282699753578122",
"200991055704848072321835649022205081417",
"314445733331473514438239458627334934923",
"290215494774479982526444497481484572928",
"150837300128228537133125342259255129700",
"158274056577435042297687633569209542541",
"335343134791047350178012205680999322642",
"191751358642596428187797542992949197800",
"108587633537507210242609878158511307392"
]
},
"id": "ASB-A-285645039-797889bb",
"source": "https://android.googlesource.com/platform/frameworks/base/+/03de4e4f1a0546fdd3b002651851bee9ffe0e11b",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "cmds/statsd/src/StatsService.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 37.0,
"function_hash": "290532900627309439606711308425738821162"
},
"id": "ASB-A-285645039-8fa418a0",
"source": "https://android.googlesource.com/platform/frameworks/base/+/03de4e4f1a0546fdd3b002651851bee9ffe0e11b",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "cmds/statsd/src/StatsService.cpp",
"function": "StatsService::~StatsService"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1584.0,
"function_hash": "74176117800312312752666027285333827045"
},
"id": "ASB-A-285645039-ad3d2575",
"source": "https://android.googlesource.com/platform/frameworks/base/+/03de4e4f1a0546fdd3b002651851bee9ffe0e11b",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "cmds/statsd/src/StatsService.cpp",
"function": "mStatsCompanionServiceDeathRecipient"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/03de4e4f1a0546fdd3b002651851bee9ffe0e11b"
],
"spl": "2023-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/StatsD
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"9560257399028977192882822136888446391",
"6814727255881169936930416864601371522",
"95344555408575203031917538580592384557",
"208613213791790390267597640934962107644",
"94612942637015893079560201185174185719",
"149102618012575246417676794546503739423"
]
},
"id": "ASB-A-285645039-09dc6373",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/e67695fae80d3164f5cd5237ebf1b7a0dbfed6f4",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.h"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162094486690609551357265491806306373800",
"21343630666638973742897342745690999120",
"288223269456115365291245602458738083098",
"148667828061323797183185443430761605895",
"283245882279883015538077767184721125668",
"91011422154839185681590367440624013254",
"228991447056343218450583282699753578122",
"200991055704848072321835649022205081417",
"314445733331473514438239458627334934923",
"290215494774479982526444497481484572928",
"150837300128228537133125342259255129700",
"158274056577435042297687633569209542541",
"335343134791047350178012205680999322642",
"191751358642596428187797542992949197800",
"108587633537507210242609878158511307392"
]
},
"id": "ASB-A-285645039-38a49bba",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/e67695fae80d3164f5cd5237ebf1b7a0dbfed6f4",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 222.0,
"function_hash": "190139916014078794201190441593495255888"
},
"id": "ASB-A-285645039-a22d4b2a",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/e67695fae80d3164f5cd5237ebf1b7a0dbfed6f4",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::readLogs"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1584.0,
"function_hash": "74176117800312312752666027285333827045"
},
"id": "ASB-A-285645039-c654231e",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/e67695fae80d3164f5cd5237ebf1b7a0dbfed6f4",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "mStatsCompanionServiceDeathRecipient"
},
"signature_type": "Function"
},
{
"digest": {
"length": 37.0,
"function_hash": "290532900627309439606711308425738821162"
},
"id": "ASB-A-285645039-e6cbc6f9",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/e67695fae80d3164f5cd5237ebf1b7a0dbfed6f4",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::~StatsService"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/StatsD/+/e67695fae80d3164f5cd5237ebf1b7a0dbfed6f4"
],
"spl": "2023-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/StatsD
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1584.0,
"function_hash": "74176117800312312752666027285333827045"
},
"id": "ASB-A-285645039-3ae10a1a",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/d3bee21e053401c30a1a5cee5a7ddd2d9fa0463e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "mStatsCompanionServiceDeathRecipient"
},
"signature_type": "Function"
},
{
"digest": {
"length": 37.0,
"function_hash": "290532900627309439606711308425738821162"
},
"id": "ASB-A-285645039-5cd93382",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/d3bee21e053401c30a1a5cee5a7ddd2d9fa0463e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::~StatsService"
},
"signature_type": "Function"
},
{
"digest": {
"length": 222.0,
"function_hash": "190139916014078794201190441593495255888"
},
"id": "ASB-A-285645039-6335df16",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/d3bee21e053401c30a1a5cee5a7ddd2d9fa0463e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::readLogs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162094486690609551357265491806306373800",
"21343630666638973742897342745690999120",
"288223269456115365291245602458738083098",
"148667828061323797183185443430761605895",
"283245882279883015538077767184721125668",
"91011422154839185681590367440624013254",
"228991447056343218450583282699753578122",
"200991055704848072321835649022205081417",
"314445733331473514438239458627334934923",
"290215494774479982526444497481484572928",
"150837300128228537133125342259255129700",
"158274056577435042297687633569209542541",
"335343134791047350178012205680999322642",
"191751358642596428187797542992949197800",
"108587633537507210242609878158511307392"
]
},
"id": "ASB-A-285645039-b24378a7",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/d3bee21e053401c30a1a5cee5a7ddd2d9fa0463e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"9560257399028977192882822136888446391",
"6814727255881169936930416864601371522",
"95344555408575203031917538580592384557",
"208613213791790390267597640934962107644",
"94612942637015893079560201185174185719",
"149102618012575246417676794546503739423"
]
},
"id": "ASB-A-285645039-baaf2c19",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/d3bee21e053401c30a1a5cee5a7ddd2d9fa0463e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/StatsD/+/d3bee21e053401c30a1a5cee5a7ddd2d9fa0463e"
],
"spl": "2023-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/StatsD
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"9560257399028977192882822136888446391",
"6814727255881169936930416864601371522",
"95344555408575203031917538580592384557",
"208613213791790390267597640934962107644",
"94612942637015893079560201185174185719",
"149102618012575246417676794546503739423"
]
},
"id": "ASB-A-285645039-24b1ceba",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/8dca7a8e0f241a041ac2e061c0070839aee560ff",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.h"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1932.0,
"function_hash": "150911719169882205645024166510874957982"
},
"id": "ASB-A-285645039-2a98aade",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/8dca7a8e0f241a041ac2e061c0070839aee560ff",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "mStatsCompanionServiceDeathRecipient"
},
"signature_type": "Function"
},
{
"digest": {
"length": 37.0,
"function_hash": "290532900627309439606711308425738821162"
},
"id": "ASB-A-285645039-a7518c2f",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/8dca7a8e0f241a041ac2e061c0070839aee560ff",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::~StatsService"
},
"signature_type": "Function"
},
{
"digest": {
"length": 222.0,
"function_hash": "190139916014078794201190441593495255888"
},
"id": "ASB-A-285645039-b4c7688d",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/8dca7a8e0f241a041ac2e061c0070839aee560ff",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::readLogs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162094486690609551357265491806306373800",
"21343630666638973742897342745690999120",
"288223269456115365291245602458738083098",
"148667828061323797183185443430761605895",
"283245882279883015538077767184721125668",
"91011422154839185681590367440624013254",
"228991447056343218450583282699753578122",
"200991055704848072321835649022205081417",
"314445733331473514438239458627334934923",
"290215494774479982526444497481484572928",
"150837300128228537133125342259255129700",
"158274056577435042297687633569209542541",
"335343134791047350178012205680999322642",
"191751358642596428187797542992949197800",
"108587633537507210242609878158511307392"
]
},
"id": "ASB-A-285645039-d7c42036",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/8dca7a8e0f241a041ac2e061c0070839aee560ff",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/StatsD/+/8dca7a8e0f241a041ac2e061c0070839aee560ff"
],
"spl": "2023-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/StatsD
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162094486690609551357265491806306373800",
"21343630666638973742897342745690999120",
"288223269456115365291245602458738083098",
"148667828061323797183185443430761605895",
"283245882279883015538077767184721125668",
"91011422154839185681590367440624013254",
"228991447056343218450583282699753578122",
"200991055704848072321835649022205081417",
"314445733331473514438239458627334934923",
"290215494774479982526444497481484572928",
"150837300128228537133125342259255129700",
"158274056577435042297687633569209542541",
"299056411393582019832200088668149889192",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392"
]
},
"id": "ASB-A-285645039-02c1fe38",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/c578fa427fea745fd4555ee23d5642a1d2cd0ce3",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2510.0,
"function_hash": "122149015475048257650068008049466191562"
},
"id": "ASB-A-285645039-225fa4c3",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/c578fa427fea745fd4555ee23d5642a1d2cd0ce3",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "mInitEventDelaySecs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"24938293731554636473098398205316056354",
"18944739092555810520413270013999179633",
"62673561178611369184800734059699398735",
"107651199482235546255415669659835414516",
"15664087137759784019850001285856476293",
"52788991262695293056646716387794235053"
]
},
"id": "ASB-A-285645039-4a816df9",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/c578fa427fea745fd4555ee23d5642a1d2cd0ce3",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.h"
},
"signature_type": "Line"
},
{
"digest": {
"length": 37.0,
"function_hash": "290532900627309439606711308425738821162"
},
"id": "ASB-A-285645039-537165a9",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/c578fa427fea745fd4555ee23d5642a1d2cd0ce3",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::~StatsService"
},
"signature_type": "Function"
},
{
"digest": {
"length": 222.0,
"function_hash": "190139916014078794201190441593495255888"
},
"id": "ASB-A-285645039-f8e3caeb",
"source": "https://android.googlesource.com/platform/packages/modules/StatsD/+/c578fa427fea745fd4555ee23d5642a1d2cd0ce3",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "statsd/src/StatsService.cpp",
"function": "StatsService::readLogs"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/StatsD/+/c578fa427fea745fd4555ee23d5642a1d2cd0ce3"
],
"spl": "2023-11-01",
"severity": "High",
"types": [
"EoP"
]
}