ASB-A-370840874
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-370840874.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-370840874
- Aliases
-
- A-370840874
- CVE-2024-49738
- Published
- 2025-01-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/native
Package
- Name
- platform/frameworks/native
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1582.0,
"function_hash": "297814362107445610082654090359809384968"
},
"id": "ASB-A-370840874-2d3a29cc",
"deprecated": false,
"target": {
"function": "Parcel::writeObject",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/c54dad65317f851ce9d016bd90ec6a7a04da09fc",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 774.0,
"function_hash": "8618114329319310912930896519838241565"
},
"id": "ASB-A-370840874-6c446f38",
"deprecated": false,
"target": {
"function": "Parcel::writeInplace",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/c54dad65317f851ce9d016bd90ec6a7a04da09fc",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177286139698374251546338520979178803929",
"263777811521303244292811673748167317299",
"306631319605809265062590238010977363154",
"5459374701110884002122948635842376246",
"139485230588671050701757286638303746782",
"27515442413792563850244456883337050092",
"338273689907845506080366789303687789672",
"94325907291901409267573572028677659775",
"334268703811797312539685279166094187699",
"177929807823366295858787852042555989520",
"272508042470490873432018013596229747742"
]
},
"id": "ASB-A-370840874-e392a48c",
"deprecated": false,
"target": {
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/c54dad65317f851ce9d016bd90ec6a7a04da09fc",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 471.0,
"function_hash": "293563029431163384534579630592325398310"
},
"id": "ASB-A-370840874-e585bc20",
"deprecated": false,
"target": {
"function": "Parcel::writeAligned",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/c54dad65317f851ce9d016bd90ec6a7a04da09fc",
"exact_target_file_match_only": true,
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/c54dad65317f851ce9d016bd90ec6a7a04da09fc"
],
"types": [
"EoP"
],
"spl": "2025-01-01",
"severity": "High"
}platform/frameworks/native
Package
- Name
- platform/frameworks/native
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177286139698374251546338520979178803929",
"263777811521303244292811673748167317299",
"306631319605809265062590238010977363154",
"297459603371341219306139209616668062751",
"246036501175084741583285991937705244678",
"27515442413792563850244456883337050092",
"338273689907845506080366789303687789672",
"250172505421581400181205564251316004121",
"339718309363086333322952185827518444964",
"147461113591116849175667398032374209803",
"154795782594771188218202105235844049986"
]
},
"id": "ASB-A-370840874-26cf92f8",
"deprecated": false,
"target": {
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 1174.0,
"function_hash": "94828663791970858100698628675736531893"
},
"id": "ASB-A-370840874-3486245c",
"deprecated": false,
"target": {
"function": "Parcel::writeObject",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 774.0,
"function_hash": "8618114329319310912930896519838241565"
},
"id": "ASB-A-370840874-72507174",
"deprecated": false,
"target": {
"function": "Parcel::writeInplace",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 416.0,
"function_hash": "172039250980780037644587941896111450844"
},
"id": "ASB-A-370840874-f1aca62a",
"deprecated": false,
"target": {
"function": "Parcel::writeAligned",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d"
],
"types": [
"EoP"
],
"spl": "2025-01-01",
"severity": "High"
}platform/frameworks/native
Package
- Name
- platform/frameworks/native
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177286139698374251546338520979178803929",
"263777811521303244292811673748167317299",
"306631319605809265062590238010977363154",
"297459603371341219306139209616668062751",
"246036501175084741583285991937705244678",
"27515442413792563850244456883337050092",
"338273689907845506080366789303687789672",
"250172505421581400181205564251316004121",
"339718309363086333322952185827518444964",
"147461113591116849175667398032374209803",
"154795782594771188218202105235844049986"
]
},
"id": "ASB-A-370840874-0fb16d06",
"deprecated": false,
"target": {
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 1174.0,
"function_hash": "94828663791970858100698628675736531893"
},
"id": "ASB-A-370840874-81134aac",
"deprecated": false,
"target": {
"function": "Parcel::writeObject",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 774.0,
"function_hash": "8618114329319310912930896519838241565"
},
"id": "ASB-A-370840874-9294a6e1",
"deprecated": false,
"target": {
"function": "Parcel::writeInplace",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 416.0,
"function_hash": "172039250980780037644587941896111450844"
},
"id": "ASB-A-370840874-cade1a99",
"deprecated": false,
"target": {
"function": "Parcel::writeAligned",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d",
"exact_target_file_match_only": true,
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/2aec032c0826ad68cd94c100173b99167bfcb10d"
],
"types": [
"EoP"
],
"spl": "2025-01-01",
"severity": "High"
}platform/frameworks/native
Package
- Name
- platform/frameworks/native
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 471.0,
"function_hash": "293563029431163384534579630592325398310"
},
"id": "ASB-A-370840874-55796520",
"deprecated": false,
"target": {
"function": "Parcel::writeAligned",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/43feae49c343b948a38b15d5e12c78916bafee61",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 774.0,
"function_hash": "8618114329319310912930896519838241565"
},
"id": "ASB-A-370840874-c6dd35d0",
"deprecated": false,
"target": {
"function": "Parcel::writeInplace",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/43feae49c343b948a38b15d5e12c78916bafee61",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 1582.0,
"function_hash": "297814362107445610082654090359809384968"
},
"id": "ASB-A-370840874-d291a540",
"deprecated": false,
"target": {
"function": "Parcel::writeObject",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/43feae49c343b948a38b15d5e12c78916bafee61",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177286139698374251546338520979178803929",
"263777811521303244292811673748167317299",
"306631319605809265062590238010977363154",
"5459374701110884002122948635842376246",
"139485230588671050701757286638303746782",
"27515442413792563850244456883337050092",
"338273689907845506080366789303687789672",
"94325907291901409267573572028677659775",
"334268703811797312539685279166094187699",
"177929807823366295858787852042555989520",
"272508042470490873432018013596229747742"
]
},
"id": "ASB-A-370840874-d760f237",
"deprecated": false,
"target": {
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/43feae49c343b948a38b15d5e12c78916bafee61",
"exact_target_file_match_only": true,
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/43feae49c343b948a38b15d5e12c78916bafee61"
],
"types": [
"EoP"
],
"spl": "2025-01-01",
"severity": "High"
}platform/frameworks/native
Package
- Name
- platform/frameworks/native
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1154.0,
"function_hash": "175000366554730585123907779373568441240"
},
"id": "ASB-A-370840874-9bff609b",
"deprecated": false,
"target": {
"function": "Parcel::writeObject",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 774.0,
"function_hash": "8618114329319310912930896519838241565"
},
"id": "ASB-A-370840874-b1ae812a",
"deprecated": false,
"target": {
"function": "Parcel::writeInplace",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 471.0,
"function_hash": "293563029431163384534579630592325398310"
},
"id": "ASB-A-370840874-b1f00902",
"deprecated": false,
"target": {
"function": "Parcel::writeAligned",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177286139698374251546338520979178803929",
"263777811521303244292811673748167317299",
"306631319605809265062590238010977363154",
"297459603371341219306139209616668062751",
"246036501175084741583285991937705244678",
"27515442413792563850244456883337050092",
"338273689907845506080366789303687789672",
"94325907291901409267573572028677659775",
"334268703811797312539685279166094187699",
"177929807823366295858787852042555989520",
"272508042470490873432018013596229747742"
]
},
"id": "ASB-A-370840874-d5cb983e",
"deprecated": false,
"target": {
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1"
],
"types": [
"EoP"
],
"spl": "2025-01-01",
"severity": "High"
}platform/frameworks/native
Package
- Name
- platform/frameworks/native
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1154.0,
"function_hash": "175000366554730585123907779373568441240"
},
"id": "ASB-A-370840874-5a1968e2",
"deprecated": false,
"target": {
"function": "Parcel::writeObject",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 774.0,
"function_hash": "8618114329319310912930896519838241565"
},
"id": "ASB-A-370840874-89487df9",
"deprecated": false,
"target": {
"function": "Parcel::writeInplace",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"length": 471.0,
"function_hash": "293563029431163384534579630592325398310"
},
"id": "ASB-A-370840874-cc7b2381",
"deprecated": false,
"target": {
"function": "Parcel::writeAligned",
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"177286139698374251546338520979178803929",
"263777811521303244292811673748167317299",
"306631319605809265062590238010977363154",
"297459603371341219306139209616668062751",
"246036501175084741583285991937705244678",
"27515442413792563850244456883337050092",
"338273689907845506080366789303687789672",
"94325907291901409267573572028677659775",
"334268703811797312539685279166094187699",
"177929807823366295858787852042555989520",
"272508042470490873432018013596229747742"
]
},
"id": "ASB-A-370840874-f0bc538d",
"deprecated": false,
"target": {
"file": "libs/binder/Parcel.cpp"
},
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1",
"exact_target_file_match_only": true,
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/native/+/4e76d6907ec1e8f065f7af3e4032e4b8cee6b2c1"
],
"types": [
"EoP"
],
"spl": "2025-01-01",
"severity": "High"
}