In ARTPWriter of ARTPWriter.cpp, there is a possible use after free due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "11263277234862368838928103238306349862", "95926712572035257571059956409014047376", "6785934054751617800003206332605034823", "80935772684323423832167741694244018035" ] }, "id": "ASB-A-287298721-07f15a41", "source": "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c", "deprecated": false, "signature_version": "v1", "target": { "file": "media/libstagefright/rtsp/ARTPWriter.cpp" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c" ], "spl": "2023-11-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "11263277234862368838928103238306349862", "95926712572035257571059956409014047376", "6785934054751617800003206332605034823", "80935772684323423832167741694244018035" ] }, "id": "ASB-A-287298721-a1071b5f", "source": "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c", "deprecated": false, "signature_version": "v1", "target": { "file": "media/libstagefright/rtsp/ARTPWriter.cpp" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c" ], "spl": "2023-11-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "11263277234862368838928103238306349862", "95926712572035257571059956409014047376", "6785934054751617800003206332605034823", "80935772684323423832167741694244018035" ] }, "id": "ASB-A-287298721-0d291867", "source": "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c", "deprecated": false, "signature_version": "v1", "target": { "file": "media/libstagefright/rtsp/ARTPWriter.cpp" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c" ], "spl": "2023-11-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "11263277234862368838928103238306349862", "95926712572035257571059956409014047376", "6785934054751617800003206332605034823", "80935772684323423832167741694244018035" ] }, "id": "ASB-A-287298721-164f45e1", "source": "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c", "deprecated": false, "signature_version": "v1", "target": { "file": "media/libstagefright/rtsp/ARTPWriter.cpp" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c" ], "spl": "2023-11-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "11263277234862368838928103238306349862", "95926712572035257571059956409014047376", "6785934054751617800003206332605034823", "80935772684323423832167741694244018035" ] }, "id": "ASB-A-287298721-66430d15", "source": "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c", "deprecated": false, "signature_version": "v1", "target": { "file": "media/libstagefright/rtsp/ARTPWriter.cpp" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/av/+/0efe2b4d6b739650039c2cab176ef11d5f5ac49c" ], "spl": "2023-11-01", "severity": "High", "types": [ "EoP" ] }