ASB-A-357870429
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-357870429.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-357870429
- Aliases
-
- A-357870429
- CVE-2024-49723
- Published
- 2025-02-01T00:00:00Z
- Modified
- 2026-04-21T15:25:42.831358Z
- Summary
- [none]
- Details
-
In static of NativeCrypto.java, there is a possible way to obtain clear-text data due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/external/conscrypt
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"299535632622317973775762261295033757321",
"298919683211628180965787637771525901670",
"72286295733434330215461289303693648091",
"180531072601765687022348721715007173985"
]
},
"id": "ASB-A-357870429-033ac58a",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/external/conscrypt/+/0c47caf05209b8adadb6c71689b29b6608680329",
"target": {
"file": "common/src/main/java/org/conscrypt/NativeCrypto.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"76345460774534919623046018758863211779",
"146974738303162855661303116537699460170",
"108662939524375085941082573143147275161",
"106410137962524325474991806287730020401"
]
},
"id": "ASB-A-357870429-19a7157e",
"deprecated": false,
"target": {
"file": "testing/src/main/java/org/conscrypt/java/security/StandardNames.java"
},
"signature_type": "Line",
"match_only_versions": [
"15-next"
],
"source": "https://android.googlesource.com/platform/external/conscrypt/+/0c47caf05209b8adadb6c71689b29b6608680329",
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"299535632622317973775762261295033757321",
"298919683211628180965787637771525901670",
"72286295733434330215461289303693648091",
"180531072601765687022348721715007173985"
]
},
"id": "ASB-A-357870429-2f9964ef",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/external/conscrypt/+/0c47caf05209b8adadb6c71689b29b6608680329",
"target": {
"file": "repackaged/common/src/main/java/com/android/org/conscrypt/NativeCrypto.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"76345460774534919623046018758863211779",
"146974738303162855661303116537699460170",
"108662939524375085941082573143147275161",
"106410137962524325474991806287730020401"
]
},
"id": "ASB-A-357870429-7dc63c38",
"deprecated": false,
"target": {
"file": "repackaged/testing/src/main/java/com/android/org/conscrypt/java/security/StandardNames.java"
},
"signature_type": "Line",
"match_only_versions": [
"15-next"
],
"source": "https://android.googlesource.com/platform/external/conscrypt/+/0c47caf05209b8adadb6c71689b29b6608680329",
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/external/conscrypt/+/0c47caf05209b8adadb6c71689b29b6608680329"
],
"types": [
"ID"
],
"spl": "2025-02-01",
"severity": "High"
}
Android / platform/libcore
Package
- Name
- platform/libcore
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"66535016980524361043403149777297544018",
"208012504548989863176943934591374168083",
"169957629234222689884011151957709531530",
"149609068575646289901741320586169740841",
"17748157196980919623413425613948538200",
"237027060307776030073850333107935000425",
"260255072171673061633479995635217806784",
"185643812290469475858371970327481550919",
"136143440982469030459544041091062516959",
"66844011190315616230151133429621183345",
"148352931765224521536133833510480020653",
"156574747336136866153122351383737362338",
"43013417459654549848672957616778280628",
"173886808004223641137489881139146528192",
"187136071471501562839529036576399172460",
"164325365152946361337993087955725799003",
"245232122391884598577497400550867472484",
"54905948103801531835746623288164919107",
"110198207713622112801120385307461659394",
"26847733142662621468381641653628558401",
"127981282037734968740388963834057168007",
"292479159237603865445158800558546130494",
"257622853064060194934352056970888229902",
"66827743788910402863664397634699581426",
"29882031764466338251726601023402714436",
"211830598287674033212184393986568012810"
]
},
"id": "ASB-A-357870429-003662aa",
"deprecated": false,
"target": {
"file": "support/src/test/java/libcore/java/security/StandardNames.java"
},
"signature_type": "Line",
"match_only_versions": [
"15-next"
],
"source": "https://android.googlesource.com/platform/libcore/+/7f433dcc4e483fdf93c556b2f5a1455932b9790e",
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/libcore/+/7f433dcc4e483fdf93c556b2f5a1455932b9790e"
],
"types": [
"ID"
],
"spl": "2025-02-01",
"severity": "High"
}
Android / platform/external/conscrypt
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"76345460774534919623046018758863211779",
"146974738303162855661303116537699460170",
"108662939524375085941082573143147275161",
"106410137962524325474991806287730020401"
]
},
"id": "ASB-A-357870429-489e63ca",
"deprecated": false,
"target": {
"file": "testing/src/main/java/org/conscrypt/java/security/StandardNames.java"
},
"signature_type": "Line",
"match_only_versions": [
"15"
],
"source": "https://android.googlesource.com/platform/external/conscrypt/+/7ffe97a8034fc98d4f91e0a24793d5f99200523f",
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"299535632622317973775762261295033757321",
"298919683211628180965787637771525901670",
"72286295733434330215461289303693648091",
"180531072601765687022348721715007173985"
]
},
"id": "ASB-A-357870429-5827a7bb",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/external/conscrypt/+/7ffe97a8034fc98d4f91e0a24793d5f99200523f",
"target": {
"file": "repackaged/common/src/main/java/com/android/org/conscrypt/NativeCrypto.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"76345460774534919623046018758863211779",
"146974738303162855661303116537699460170",
"108662939524375085941082573143147275161",
"106410137962524325474991806287730020401"
]
},
"id": "ASB-A-357870429-9401dd5e",
"deprecated": false,
"target": {
"file": "repackaged/testing/src/main/java/com/android/org/conscrypt/java/security/StandardNames.java"
},
"signature_type": "Line",
"match_only_versions": [
"15"
],
"source": "https://android.googlesource.com/platform/external/conscrypt/+/7ffe97a8034fc98d4f91e0a24793d5f99200523f",
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"299535632622317973775762261295033757321",
"298919683211628180965787637771525901670",
"72286295733434330215461289303693648091",
"180531072601765687022348721715007173985"
]
},
"id": "ASB-A-357870429-b03543ff",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/external/conscrypt/+/7ffe97a8034fc98d4f91e0a24793d5f99200523f",
"target": {
"file": "common/src/main/java/org/conscrypt/NativeCrypto.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/external/conscrypt/+/7ffe97a8034fc98d4f91e0a24793d5f99200523f"
],
"types": [
"ID"
],
"spl": "2025-02-01",
"severity": "High"
}
Android / platform/libcore
Package
- Name
- platform/libcore
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"66535016980524361043403149777297544018",
"208012504548989863176943934591374168083",
"169957629234222689884011151957709531530",
"149609068575646289901741320586169740841",
"17748157196980919623413425613948538200",
"237027060307776030073850333107935000425",
"260255072171673061633479995635217806784",
"185643812290469475858371970327481550919",
"136143440982469030459544041091062516959",
"66844011190315616230151133429621183345",
"148352931765224521536133833510480020653",
"156574747336136866153122351383737362338",
"43013417459654549848672957616778280628",
"173886808004223641137489881139146528192",
"187136071471501562839529036576399172460",
"164325365152946361337993087955725799003",
"245232122391884598577497400550867472484",
"54905948103801531835746623288164919107",
"110198207713622112801120385307461659394",
"26847733142662621468381641653628558401",
"127981282037734968740388963834057168007",
"292479159237603865445158800558546130494",
"257622853064060194934352056970888229902",
"66827743788910402863664397634699581426",
"29882031764466338251726601023402714436",
"211830598287674033212184393986568012810"
]
},
"id": "ASB-A-357870429-db5a1edd",
"deprecated": false,
"target": {
"file": "support/src/test/java/libcore/java/security/StandardNames.java"
},
"signature_type": "Line",
"match_only_versions": [
"15"
],
"source": "https://android.googlesource.com/platform/libcore/+/fe9c4721a54e3ce054da584ddca26cd3a0f34750",
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/libcore/+/fe9c4721a54e3ce054da584ddca26cd3a0f34750"
],
"types": [
"ID"
],
"spl": "2025-02-01",
"severity": "High"
}