ASB-A-347735428
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-347735428.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-347735428
- Aliases
-
- A-347735428
- CVE-2025-0081
- Published
- 2025-03-01T00:00:00Z
- Modified
- 2025-07-10T15:11:05.955812Z
- Summary
- [none]
- Details
-
In dnglosslessdecoder::HuffDecode of dnglosslessjpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/external/dng_sdk
Package
Ecosystem specific
{
"spl": "2025-03-01",
"severity": "Critical",
"fixes": [
"https://android.googlesource.com/platform/external/dng_sdk/+/a22d1f0f07d998a53dd49a941d3a588f55b36399"
],
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"function": "dng_lossless_decoder::HuffDecode",
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/a22d1f0f07d998a53dd49a941d3a588f55b36399",
"signature_type": "Function",
"digest": {
"length": 481.0,
"function_hash": "44118990782442989971520362830657759096"
},
"deprecated": false,
"id": "ASB-A-347735428-07f2a8c3"
},
{
"signature_version": "v1",
"target": {
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/a22d1f0f07d998a53dd49a941d3a588f55b36399",
"signature_type": "Line",
"digest": {
"line_hashes": [
"202547611177054701034872398982999876811",
"159620168567637667498119843984396843211",
"44069793425545066664780021469054570000"
],
"threshold": 0.9
},
"deprecated": false,
"id": "ASB-A-347735428-75f7b436"
}
],
"types": [
"DoS"
]
}
Android / platform/external/dng_sdk
Package
Ecosystem specific
{
"spl": "2025-03-01",
"severity": "Critical",
"fixes": [
"https://android.googlesource.com/platform/external/dng_sdk/+/ef6549c8eb3b202e8b47c41ba39d7957274aa12b"
],
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"function": "dng_lossless_decoder::HuffDecode",
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/ef6549c8eb3b202e8b47c41ba39d7957274aa12b",
"signature_type": "Function",
"digest": {
"length": 481.0,
"function_hash": "44118990782442989971520362830657759096"
},
"deprecated": false,
"id": "ASB-A-347735428-6f7c4138"
},
{
"signature_version": "v1",
"target": {
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/ef6549c8eb3b202e8b47c41ba39d7957274aa12b",
"signature_type": "Line",
"digest": {
"line_hashes": [
"202547611177054701034872398982999876811",
"159620168567637667498119843984396843211",
"44069793425545066664780021469054570000"
],
"threshold": 0.9
},
"deprecated": false,
"id": "ASB-A-347735428-b6d59679"
}
],
"types": [
"DoS"
]
}
Android / platform/external/dng_sdk
Package
Ecosystem specific
{
"spl": "2025-03-01",
"severity": "Critical",
"fixes": [
"https://android.googlesource.com/platform/external/dng_sdk/+/97cbb86f575c92ccd097407bb1fe5ad9bb532944"
],
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/97cbb86f575c92ccd097407bb1fe5ad9bb532944",
"signature_type": "Line",
"digest": {
"line_hashes": [
"202547611177054701034872398982999876811",
"159620168567637667498119843984396843211",
"44069793425545066664780021469054570000"
],
"threshold": 0.9
},
"deprecated": false,
"id": "ASB-A-347735428-88cce0b2"
},
{
"signature_version": "v1",
"target": {
"function": "dng_lossless_decoder::HuffDecode",
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/97cbb86f575c92ccd097407bb1fe5ad9bb532944",
"signature_type": "Function",
"digest": {
"length": 481.0,
"function_hash": "44118990782442989971520362830657759096"
},
"deprecated": false,
"id": "ASB-A-347735428-ace64fae"
}
],
"types": [
"DoS"
]
}
Android / platform/external/dng_sdk
Package
Ecosystem specific
{
"spl": "2025-03-01",
"severity": "Critical",
"fixes": [
"https://android.googlesource.com/platform/external/dng_sdk/+/6fd49d6ecdf53aa96b290ee5b3e30a7d73c71679"
],
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"function": "dng_lossless_decoder::HuffDecode",
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/6fd49d6ecdf53aa96b290ee5b3e30a7d73c71679",
"signature_type": "Function",
"digest": {
"length": 481.0,
"function_hash": "44118990782442989971520362830657759096"
},
"deprecated": false,
"id": "ASB-A-347735428-6111fb64"
},
{
"signature_version": "v1",
"target": {
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/6fd49d6ecdf53aa96b290ee5b3e30a7d73c71679",
"signature_type": "Line",
"digest": {
"line_hashes": [
"202547611177054701034872398982999876811",
"159620168567637667498119843984396843211",
"44069793425545066664780021469054570000"
],
"threshold": 0.9
},
"deprecated": false,
"id": "ASB-A-347735428-df2e0ae7"
}
],
"types": [
"DoS"
]
}
Android / platform/external/dng_sdk
Package
Ecosystem specific
{
"spl": "2025-03-01",
"severity": "Critical",
"fixes": [
"https://android.googlesource.com/platform/external/dng_sdk/+/d125388473163ed70452c6e615b3c788805e0168"
],
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/d125388473163ed70452c6e615b3c788805e0168",
"signature_type": "Line",
"digest": {
"line_hashes": [
"202547611177054701034872398982999876811",
"159620168567637667498119843984396843211",
"44069793425545066664780021469054570000"
],
"threshold": 0.9
},
"deprecated": false,
"id": "ASB-A-347735428-36c60252"
},
{
"signature_version": "v1",
"target": {
"function": "dng_lossless_decoder::HuffDecode",
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/d125388473163ed70452c6e615b3c788805e0168",
"signature_type": "Function",
"digest": {
"length": 481.0,
"function_hash": "44118990782442989971520362830657759096"
},
"deprecated": false,
"id": "ASB-A-347735428-921f5dfc"
}
],
"types": [
"DoS"
]
}
Android / platform/external/dng_sdk
Package
Ecosystem specific
{
"spl": "2025-03-01",
"severity": "Critical",
"fixes": [
"https://android.googlesource.com/platform/external/dng_sdk/+/89f7028f91aa2979fa88f51cdd37b6444b5cd9d9"
],
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/89f7028f91aa2979fa88f51cdd37b6444b5cd9d9",
"signature_type": "Line",
"digest": {
"line_hashes": [
"202547611177054701034872398982999876811",
"159620168567637667498119843984396843211",
"44069793425545066664780021469054570000"
],
"threshold": 0.9
},
"deprecated": false,
"id": "ASB-A-347735428-774e0d05"
},
{
"signature_version": "v1",
"target": {
"function": "dng_lossless_decoder::HuffDecode",
"file": "source/dng_lossless_jpeg.cpp"
},
"source": "https://android.googlesource.com/platform/external/dng_sdk/+/89f7028f91aa2979fa88f51cdd37b6444b5cd9d9",
"signature_type": "Function",
"digest": {
"length": 481.0,
"function_hash": "44118990782442989971520362830657759096"
},
"deprecated": false,
"id": "ASB-A-347735428-b647a1b8"
}
],
"types": [
"DoS"
]
}