ASB-A-349678452
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-349678452.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-349678452
- Aliases
-
- A-349678452
- CVE-2024-43768
- Published
- 2024-12-01T00:00:00Z
- Modified
- 2025-10-13T15:01:54.398779Z
- Summary
- [none]
- Details
-
In skiaallocfunc of SkDeflate.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/external/skia
Package
Ecosystem specific
{
"vanir_signatures": [
{
"target": {
"function": "skia_alloc_func",
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Function",
"id": "ASB-A-349678452-6d8cf6e9",
"source": "https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa",
"match_only_versions": [
"12"
],
"digest": {
"length": 150.0,
"function_hash": "177381958124754469005351273126681564475"
},
"deprecated": false
},
{
"digest": {
"line_hashes": [
"330314474174488366264877949931744949537",
"66910785304852404025949030987018232494",
"324853113609809817558923803384765034798",
"36916278731046622565152283442075511269",
"111827303233559505537936586512190658783",
"216572286767335958811174421288739920060",
"153014274211960944691051419373588606095"
],
"threshold": 0.9
},
"target": {
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Line",
"id": "ASB-A-349678452-cc16539f",
"source": "https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa",
"deprecated": false
}
],
"fixes": [
"https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa"
],
"severity": "High",
"types": [
"EoP"
],
"spl": "2024-12-01"
}
Android / platform/external/skia
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"line_hashes": [
"330314474174488366264877949931744949537",
"66910785304852404025949030987018232494",
"324853113609809817558923803384765034798",
"36916278731046622565152283442075511269",
"111827303233559505537936586512190658783",
"216572286767335958811174421288739920060",
"153014274211960944691051419373588606095"
],
"threshold": 0.9
},
"target": {
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Line",
"id": "ASB-A-349678452-2254a36a",
"source": "https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa",
"deprecated": false
},
{
"target": {
"function": "skia_alloc_func",
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Function",
"id": "ASB-A-349678452-df1bcb9e",
"source": "https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa",
"match_only_versions": [
"12L"
],
"digest": {
"length": 150.0,
"function_hash": "177381958124754469005351273126681564475"
},
"deprecated": false
}
],
"fixes": [
"https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa"
],
"severity": "High",
"types": [
"EoP"
],
"spl": "2024-12-01"
}
Android / platform/external/skia
Package
Ecosystem specific
{
"vanir_signatures": [
{
"target": {
"function": "skia_alloc_func",
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Function",
"id": "ASB-A-349678452-8074fd24",
"source": "https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa",
"match_only_versions": [
"13"
],
"digest": {
"length": 150.0,
"function_hash": "177381958124754469005351273126681564475"
},
"deprecated": false
},
{
"digest": {
"line_hashes": [
"330314474174488366264877949931744949537",
"66910785304852404025949030987018232494",
"324853113609809817558923803384765034798",
"36916278731046622565152283442075511269",
"111827303233559505537936586512190658783",
"216572286767335958811174421288739920060",
"153014274211960944691051419373588606095"
],
"threshold": 0.9
},
"target": {
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Line",
"id": "ASB-A-349678452-f66cc624",
"source": "https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa",
"deprecated": false
}
],
"fixes": [
"https://android.googlesource.com/platform/external/skia/+/27acba5039a763f8bad30d28eb754d6f1f959caa"
],
"severity": "High",
"types": [
"EoP"
],
"spl": "2024-12-01"
}
Android / platform/external/skia
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"line_hashes": [
"245486692926100039007742811449388612901",
"294213052252660620709435918358324505446",
"79733914895843489633987636176584856289",
"36916278731046622565152283442075511269",
"111827303233559505537936586512190658783",
"216572286767335958811174421288739920060",
"153014274211960944691051419373588606095"
],
"threshold": 0.9
},
"target": {
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Line",
"id": "ASB-A-349678452-95e6e6c0",
"source": "https://android.googlesource.com/platform/external/skia/+/9ce8faf83adfc61df2f787954adc1a7fbbf37b65",
"deprecated": false
},
{
"target": {
"function": "skia_alloc_func",
"file": "src/pdf/SkDeflate.cpp"
},
"signature_version": "v1",
"signature_type": "Function",
"id": "ASB-A-349678452-fdfaa55e",
"source": "https://android.googlesource.com/platform/external/skia/+/9ce8faf83adfc61df2f787954adc1a7fbbf37b65",
"match_only_versions": [
"14"
],
"digest": {
"length": 150.0,
"function_hash": "177381958124754469005351273126681564475"
},
"deprecated": false
}
],
"fixes": [
"https://android.googlesource.com/platform/external/skia/+/9ce8faf83adfc61df2f787954adc1a7fbbf37b65"
],
"severity": "High",
"types": [
"EoP"
],
"spl": "2024-12-01"
}