ASB-A-288549440
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-288549440.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-288549440
- Aliases
-
- A-288549440
- CVE-2024-34736
- Published
- 2024-08-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In setupVideoEncoder of StagefrightRecorder.cpp, there is a possible asynchronous playback when B-frame support is enabled. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"48014583433414044657999189776343793555",
"300116633396057778763138402037766808215",
"161093094932862104956630125154298572484",
"204500082656587939521040242490357846720"
]
},
"id": "ASB-A-288549440-3d51944e",
"source": "https://android.googlesource.com/platform/frameworks/av/+/61ed373ba34ddad4f7bbb3469981ca0a59ed78a8",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 4462.0,
"function_hash": "68435010956391646771452767898749978350"
},
"id": "ASB-A-288549440-a0517c61",
"source": "https://android.googlesource.com/platform/frameworks/av/+/61ed373ba34ddad4f7bbb3469981ca0a59ed78a8",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp",
"function": "StagefrightRecorder::setupVideoEncoder"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/61ed373ba34ddad4f7bbb3469981ca0a59ed78a8"
],
"spl": "2024-08-01",
"severity": "High",
"types": [
"ID"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 4249.0,
"function_hash": "87862561965951045351585929273788283063"
},
"id": "ASB-A-288549440-9b889d75",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp",
"function": "StagefrightRecorder::setupVideoEncoder"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"48014583433414044657999189776343793555",
"300116633396057778763138402037766808215",
"161093094932862104956630125154298572484",
"204500082656587939521040242490357846720"
]
},
"id": "ASB-A-288549440-c2307bbd",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c"
],
"spl": "2024-08-01",
"severity": "High",
"types": [
"ID"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"48014583433414044657999189776343793555",
"300116633396057778763138402037766808215",
"161093094932862104956630125154298572484",
"204500082656587939521040242490357846720"
]
},
"id": "ASB-A-288549440-2289957a",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 4249.0,
"function_hash": "87862561965951045351585929273788283063"
},
"id": "ASB-A-288549440-49795a40",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp",
"function": "StagefrightRecorder::setupVideoEncoder"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c"
],
"spl": "2024-08-01",
"severity": "High",
"types": [
"ID"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"48014583433414044657999189776343793555",
"300116633396057778763138402037766808215",
"161093094932862104956630125154298572484",
"204500082656587939521040242490357846720"
]
},
"id": "ASB-A-288549440-43b9be55",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 4249.0,
"function_hash": "87862561965951045351585929273788283063"
},
"id": "ASB-A-288549440-bbb60431",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp",
"function": "StagefrightRecorder::setupVideoEncoder"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c"
],
"spl": "2024-08-01",
"severity": "High",
"types": [
"ID"
]
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 4249.0,
"function_hash": "87862561965951045351585929273788283063"
},
"id": "ASB-A-288549440-c95405bf",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp",
"function": "StagefrightRecorder::setupVideoEncoder"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"48014583433414044657999189776343793555",
"300116633396057778763138402037766808215",
"161093094932862104956630125154298572484",
"204500082656587939521040242490357846720"
]
},
"id": "ASB-A-288549440-d7061b94",
"source": "https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "media/libmediaplayerservice/StagefrightRecorder.cpp"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/da3407f7688f35eb2dce79f1405feeb182241a3c"
],
"spl": "2024-08-01",
"severity": "High",
"types": [
"ID"
]
}