ASB-A-300007708
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-300007708.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-300007708
- Aliases
-
- A-300007708
- CVE-2024-0040
- Published
- 2024-02-01T00:00:00Z
- Modified
- 2025-11-25T16:14:47.974140Z
- Summary
- [none]
- Details
-
In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/av
Package
- Name
- platform/frameworks/av
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/e1494a2d8e7eee25d7ea5469be43740e97294c99"
],
"severity": "High",
"types": [
"ID"
],
"spl": "2024-02-01",
"vanir_signatures": [
{
"target": {
"file": "media/mtp/MtpPacket.cpp"
},
"signature_version": "v1",
"id": "ASB-A-300007708-19e620ae",
"digest": {
"line_hashes": [
"325429838327676121080075683515326448065",
"129768529294241399848549271647519954458",
"334674666946550792711235234589636658088",
"25817773784128918456096976811635035555",
"178465013067266614784176939361293545155"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/e1494a2d8e7eee25d7ea5469be43740e97294c99",
"deprecated": false,
"signature_type": "Line"
},
{
"target": {
"file": "media/mtp/MtpPacket.cpp",
"function": "MtpPacket::setParameter"
},
"signature_version": "v1",
"id": "ASB-A-300007708-b36b90c3",
"digest": {
"length": 372.0,
"function_hash": "258562940385383442331892322260107070213"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/e1494a2d8e7eee25d7ea5469be43740e97294c99",
"deprecated": false,
"signature_type": "Function"
}
]
}platform/frameworks/av
Package
- Name
- platform/frameworks/av
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/edf60c63243903b9f27f58f4954c599470d011fd"
],
"severity": "High",
"types": [
"ID"
],
"spl": "2024-02-01",
"vanir_signatures": [
{
"target": {
"file": "media/mtp/MtpPacket.cpp"
},
"signature_version": "v1",
"id": "ASB-A-300007708-67bf0cf2",
"digest": {
"line_hashes": [
"325429838327676121080075683515326448065",
"129768529294241399848549271647519954458",
"334674666946550792711235234589636658088",
"25817773784128918456096976811635035555",
"178465013067266614784176939361293545155"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/edf60c63243903b9f27f58f4954c599470d011fd",
"deprecated": false,
"signature_type": "Line"
},
{
"target": {
"file": "media/mtp/MtpPacket.cpp",
"function": "MtpPacket::setParameter"
},
"signature_version": "v1",
"id": "ASB-A-300007708-f84b2cc9",
"digest": {
"length": 372.0,
"function_hash": "258562940385383442331892322260107070213"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/edf60c63243903b9f27f58f4954c599470d011fd",
"deprecated": false,
"signature_type": "Function"
}
]
}platform/frameworks/av
Package
- Name
- platform/frameworks/av
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/55757c291af9c88bf829e01fda90e626f6ff06eb"
],
"severity": "High",
"types": [
"ID"
],
"spl": "2024-02-01",
"vanir_signatures": [
{
"target": {
"file": "media/mtp/MtpPacket.cpp"
},
"signature_version": "v1",
"id": "ASB-A-300007708-1a3ba7bc",
"digest": {
"line_hashes": [
"325429838327676121080075683515326448065",
"129768529294241399848549271647519954458",
"334674666946550792711235234589636658088",
"25817773784128918456096976811635035555",
"178465013067266614784176939361293545155"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/55757c291af9c88bf829e01fda90e626f6ff06eb",
"deprecated": false,
"signature_type": "Line"
},
{
"target": {
"file": "media/mtp/MtpPacket.cpp",
"function": "MtpPacket::setParameter"
},
"signature_version": "v1",
"id": "ASB-A-300007708-f2c6a8ec",
"digest": {
"length": 372.0,
"function_hash": "258562940385383442331892322260107070213"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/55757c291af9c88bf829e01fda90e626f6ff06eb",
"deprecated": false,
"signature_type": "Function"
}
]
}platform/frameworks/av
Package
- Name
- platform/frameworks/av
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/d5d10d821f05e8d03104921c4320d9739c0c475f"
],
"severity": "High",
"types": [
"ID"
],
"spl": "2024-02-01",
"vanir_signatures": [
{
"target": {
"file": "media/mtp/MtpPacket.cpp"
},
"signature_version": "v1",
"id": "ASB-A-300007708-344ed643",
"digest": {
"line_hashes": [
"325429838327676121080075683515326448065",
"129768529294241399848549271647519954458",
"334674666946550792711235234589636658088",
"25817773784128918456096976811635035555",
"178465013067266614784176939361293545155"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/d5d10d821f05e8d03104921c4320d9739c0c475f",
"deprecated": false,
"signature_type": "Line"
},
{
"target": {
"file": "media/mtp/MtpPacket.cpp",
"function": "MtpPacket::setParameter"
},
"signature_version": "v1",
"id": "ASB-A-300007708-7fec4db4",
"digest": {
"length": 372.0,
"function_hash": "258562940385383442331892322260107070213"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/d5d10d821f05e8d03104921c4320d9739c0c475f",
"deprecated": false,
"signature_type": "Function"
}
]
}platform/frameworks/av
Package
- Name
- platform/frameworks/av
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/960d83c60805bd0991e02cd72224a4063097af89"
],
"severity": "High",
"types": [
"ID"
],
"spl": "2024-02-01",
"vanir_signatures": [
{
"target": {
"file": "media/mtp/MtpPacket.cpp",
"function": "MtpPacket::setParameter"
},
"signature_version": "v1",
"id": "ASB-A-300007708-a3fce1cd",
"digest": {
"length": 372.0,
"function_hash": "258562940385383442331892322260107070213"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/960d83c60805bd0991e02cd72224a4063097af89",
"deprecated": false,
"signature_type": "Function"
},
{
"target": {
"file": "media/mtp/MtpPacket.cpp"
},
"signature_version": "v1",
"id": "ASB-A-300007708-af900d65",
"digest": {
"line_hashes": [
"325429838327676121080075683515326448065",
"129768529294241399848549271647519954458",
"334674666946550792711235234589636658088",
"25817773784128918456096976811635035555",
"178465013067266614784176939361293545155"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/960d83c60805bd0991e02cd72224a4063097af89",
"deprecated": false,
"signature_type": "Line"
}
]
}platform/frameworks/av
Package
- Name
- platform/frameworks/av
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/38852806102bb7e9d46f4b0de8a3b4918d625ad4"
],
"severity": "High",
"types": [
"ID"
],
"spl": "2024-02-01",
"vanir_signatures": [
{
"target": {
"file": "media/mtp/MtpPacket.cpp",
"function": "MtpPacket::setParameter"
},
"signature_version": "v1",
"id": "ASB-A-300007708-2054454b",
"digest": {
"length": 372.0,
"function_hash": "258562940385383442331892322260107070213"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/38852806102bb7e9d46f4b0de8a3b4918d625ad4",
"deprecated": false,
"signature_type": "Function"
},
{
"target": {
"file": "media/mtp/MtpPacket.cpp"
},
"signature_version": "v1",
"id": "ASB-A-300007708-8f2f84c7",
"digest": {
"line_hashes": [
"325429838327676121080075683515326448065",
"129768529294241399848549271647519954458",
"334674666946550792711235234589636658088",
"25817773784128918456096976811635035555",
"178465013067266614784176939361293545155"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/38852806102bb7e9d46f4b0de8a3b4918d625ad4",
"deprecated": false,
"signature_type": "Line"
}
]
}