ASB-A-346797131

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-346797131.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-346797131
Aliases
  • A-346797131
  • CVE-2025-22423
Published
2025-04-01T00:00:00Z
Modified
2025-07-04T14:49:55.829990Z
Summary
[none]
Details

In ParseTag of dng_ifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/external/dng_sdk

Package

Name
platform/external/dng_sdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2025-04-01

Affected versions

Other

15-next

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/c3a37d2bb97c78bac71b0293866a2397df00f8b0"
    ],
    "severity": "Critical",
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "source/dng_ifd.cpp",
                "function": "dng_ifd::ParseTag"
            },
            "id": "ASB-A-346797131-211cbe7e",
            "deprecated": false,
            "digest": {
                "function_hash": "292124514316656757492031028141477568026",
                "length": 29200.0
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/c3a37d2bb97c78bac71b0293866a2397df00f8b0",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "id": "ASB-A-346797131-77874c80",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ]
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/c3a37d2bb97c78bac71b0293866a2397df00f8b0",
            "signature_type": "Line",
            "signature_version": "v1"
        }
    ]
}

Android / platform/external/dng_sdk

Package

Name
platform/external/dng_sdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-04-01

Affected versions

Other

15

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/445d85031ac9c1cffd06bf8b3356d9391170a319"
    ],
    "severity": "Critical",
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "id": "ASB-A-346797131-2f698fe3",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ]
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/445d85031ac9c1cffd06bf8b3356d9391170a319",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "source/dng_ifd.cpp",
                "function": "dng_ifd::ParseTag"
            },
            "id": "ASB-A-346797131-e0a5e56d",
            "deprecated": false,
            "digest": {
                "function_hash": "292124514316656757492031028141477568026",
                "length": 29200.0
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/445d85031ac9c1cffd06bf8b3356d9391170a319",
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Android / platform/external/dng_sdk

Package

Name
platform/external/dng_sdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2025-04-01

Affected versions

Other

13

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/f2e6d5540ca1eda4d313bf4071a29ef8bffea7f7"
    ],
    "severity": "Critical",
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "id": "ASB-A-346797131-8c1f4713",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ]
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/f2e6d5540ca1eda4d313bf4071a29ef8bffea7f7",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "source/dng_ifd.cpp",
                "function": "dng_ifd::ParseTag"
            },
            "id": "ASB-A-346797131-e6a30110",
            "deprecated": false,
            "digest": {
                "function_hash": "292124514316656757492031028141477568026",
                "length": 29200.0
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/f2e6d5540ca1eda4d313bf4071a29ef8bffea7f7",
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Android / platform/external/dng_sdk

Package

Name
platform/external/dng_sdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2025-04-01

Affected versions

Other

14

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/d11e3fa5130e1cd249e94ba3575a1b6e7903d056"
    ],
    "severity": "Critical",
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "source/dng_ifd.cpp",
                "function": "dng_ifd::ParseTag"
            },
            "id": "ASB-A-346797131-bc146332",
            "deprecated": false,
            "digest": {
                "function_hash": "292124514316656757492031028141477568026",
                "length": 29200.0
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/d11e3fa5130e1cd249e94ba3575a1b6e7903d056",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "id": "ASB-A-346797131-e71c86e8",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ]
            },
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/d11e3fa5130e1cd249e94ba3575a1b6e7903d056",
            "signature_type": "Line",
            "signature_version": "v1"
        }
    ]
}