ASB-A-346797131

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-346797131.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-346797131

Aliases

A-346797131
CVE-2025-22423

Published

2025-04-01T00:00:00Z

Modified

2025-10-24T15:26:23.750784Z

Summary

[none]

Details

In ParseTag of dng_ifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/external/dng_sdk

Package

Name: platform/external/dng_sdk

Affected ranges

Type: ECOSYSTEM
Events: Introduced

15-next:0

Fixed

15-next:2025-04-01

Affected versions

Other

15-next

Ecosystem specific

{
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "severity": "Critical",
    "vanir_signatures": [
        {
            "id": "ASB-A-346797131-211cbe7e",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "length": 29200.0,
                "function_hash": "292124514316656757492031028141477568026"
            },
            "target": {
                "function": "dng_ifd::ParseTag",
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/c3a37d2bb97c78bac71b0293866a2397df00f8b0"
        },
        {
            "id": "ASB-A-346797131-77874c80",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/c3a37d2bb97c78bac71b0293866a2397df00f8b0"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/c3a37d2bb97c78bac71b0293866a2397df00f8b0"
    ]
}

Android / platform/external/dng_sdk

Package

Name: platform/external/dng_sdk

Affected ranges

Type: ECOSYSTEM
Events: Introduced

15:0

Fixed

15:2025-04-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "severity": "Critical",
    "vanir_signatures": [
        {
            "id": "ASB-A-346797131-2f698fe3",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/445d85031ac9c1cffd06bf8b3356d9391170a319"
        },
        {
            "id": "ASB-A-346797131-e0a5e56d",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "length": 29200.0,
                "function_hash": "292124514316656757492031028141477568026"
            },
            "target": {
                "function": "dng_ifd::ParseTag",
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/445d85031ac9c1cffd06bf8b3356d9391170a319"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/445d85031ac9c1cffd06bf8b3356d9391170a319"
    ]
}

Android / platform/external/dng_sdk

Package

Name: platform/external/dng_sdk

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2025-04-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "severity": "Critical",
    "vanir_signatures": [
        {
            "id": "ASB-A-346797131-8c1f4713",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/f2e6d5540ca1eda4d313bf4071a29ef8bffea7f7"
        },
        {
            "id": "ASB-A-346797131-e6a30110",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "length": 29200.0,
                "function_hash": "292124514316656757492031028141477568026"
            },
            "target": {
                "function": "dng_ifd::ParseTag",
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/f2e6d5540ca1eda4d313bf4071a29ef8bffea7f7"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/f2e6d5540ca1eda4d313bf4071a29ef8bffea7f7"
    ]
}

Android / platform/external/dng_sdk

Package

Name: platform/external/dng_sdk

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14:0

Fixed

14:2025-04-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "DoS"
    ],
    "spl": "2025-04-01",
    "severity": "Critical",
    "vanir_signatures": [
        {
            "id": "ASB-A-346797131-bc146332",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "length": 29200.0,
                "function_hash": "292124514316656757492031028141477568026"
            },
            "target": {
                "function": "dng_ifd::ParseTag",
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/d11e3fa5130e1cd249e94ba3575a1b6e7903d056"
        },
        {
            "id": "ASB-A-346797131-e71c86e8",
            "deprecated": false,
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "208672506713105172373739116911822014320",
                    "77350146005984752882779486110317666313",
                    "18756321286853293097438210661910775849",
                    "226512580180044837456102984910510736498",
                    "15565942549344657871018324394238324927",
                    "290985152654726591463878210707806025492",
                    "299218795221087280037852351353464286798",
                    "285675980618954361851160847246471495360",
                    "59096683325698961708889591378635956025",
                    "130231004659496891579079062090514800854",
                    "8702532287776864963441243655434442831",
                    "176557504863404244437421911285817601820"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "source/dng_ifd.cpp"
            },
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/external/dng_sdk/+/d11e3fa5130e1cd249e94ba3575a1b6e7903d056"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/dng_sdk/+/d11e3fa5130e1cd249e94ba3575a1b6e7903d056"
    ]
}