ASB-A-294609150

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-294609150.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-294609150

Aliases

CVE-2024-0033

Published

2024-02-01T00:00:00Z

Modified

2024-07-26T15:04:29Z

Summary

[Binder MemoryHeapBase] - Need to SEAL file size on memfd mapped region

Details

In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/native

Package

Name: platform/frameworks/native

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14-next:0

Fixed

14-next:2024-02-01

Affected versions

Other

14-next

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/native/+/3d9f1e3b0a135b784b9ffa0e65d6a699c7ed1f8e"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/system/core

Package

Name: platform/system/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14-next:0

Fixed

14-next:2024-02-01

Affected versions

Other

14-next

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/f83c5c8fecf89d9315945368aa20350c2f235cc0"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/system/core

Package

Name: platform/system/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

11:0

Fixed

11:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/61a2897733e15a12b7aa2dfd99957e83cbe59351"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/system/core

Package

Name: platform/system/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12:0

Fixed

12:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/61a2897733e15a12b7aa2dfd99957e83cbe59351"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/system/core

Package

Name: platform/system/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12L:0

Fixed

12L:2024-02-01

Affected versions

Other

12L

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/61a2897733e15a12b7aa2dfd99957e83cbe59351"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/native

Package

Name: platform/frameworks/native

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/native/+/f2c1d9d28083fdcba53f346bba5289e72bc4be49"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/system/core

Package

Name: platform/system/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/61a2897733e15a12b7aa2dfd99957e83cbe59351"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/native

Package

Name: platform/frameworks/native

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14:0

Fixed

14:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/native/+/77b758c59f58a05d1c0d45350796951bc778745f"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/system/core

Package

Name: platform/system/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14:0

Fixed

14:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/system/core/+/61a2897733e15a12b7aa2dfd99957e83cbe59351"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}