ASB-A-379695596
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-379695596.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-379695596
- Aliases
-
- A-379695596
- CVE-2026-0010
- Published
- 2026-03-01T00:00:00Z
- Modified
- 2026-03-20T16:01:55.726900Z
- Summary
- [none]
- Details
-
In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"deprecated": false,
"digest": {
"function_hash": "254484530803293232433988124470089576972",
"length": 18206.0
},
"target": {
"file": "drm/common/IDrmManagerService.cpp",
"function": "BnDrmManagerService::onTransact"
},
"signature_version": "v1",
"match_only_versions": [
"16-qpr2-next"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/358b3457706b53f63ea10e9905e953e2c9c37f31",
"id": "ASB-A-379695596-2da73c8a",
"signature_type": "Function"
},
{
"deprecated": false,
"digest": {
"line_hashes": [
"193005296291010323106917966324247588790",
"294466828348999483103759003124382967705",
"87468087055771253729697964708624710120",
"64567366025305510261695894161190484659",
"275190152303307488874954423272887243061",
"114712313609923601026331383590958799121",
"219516882649605358681653722298635745789"
],
"threshold": 0.9
},
"target": {
"file": "drm/common/IDrmManagerService.cpp"
},
"signature_version": "v1",
"match_only_versions": [
"16-qpr2-next"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/358b3457706b53f63ea10e9905e953e2c9c37f31",
"id": "ASB-A-379695596-df82e5a4",
"signature_type": "Line"
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/358b3457706b53f63ea10e9905e953e2c9c37f31"
],
"spl": "2026-03-01",
"severity": "High"
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"deprecated": false,
"digest": {
"function_hash": "254484530803293232433988124470089576972",
"length": 18206.0
},
"target": {
"file": "drm/common/IDrmManagerService.cpp",
"function": "BnDrmManagerService::onTransact"
},
"signature_version": "v1",
"match_only_versions": [
"15"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/7c5d19a1ae1f6762e2b52372a64d161fea6195fa",
"id": "ASB-A-379695596-933de1cd",
"signature_type": "Function"
},
{
"deprecated": false,
"digest": {
"line_hashes": [
"193005296291010323106917966324247588790",
"294466828348999483103759003124382967705",
"87468087055771253729697964708624710120",
"64567366025305510261695894161190484659",
"275190152303307488874954423272887243061",
"114712313609923601026331383590958799121",
"219516882649605358681653722298635745789"
],
"threshold": 0.9
},
"target": {
"file": "drm/common/IDrmManagerService.cpp"
},
"signature_version": "v1",
"match_only_versions": [
"15"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/7c5d19a1ae1f6762e2b52372a64d161fea6195fa",
"id": "ASB-A-379695596-d4d47418",
"signature_type": "Line"
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/7c5d19a1ae1f6762e2b52372a64d161fea6195fa"
],
"spl": "2026-03-01",
"severity": "High"
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"deprecated": false,
"digest": {
"line_hashes": [
"193005296291010323106917966324247588790",
"294466828348999483103759003124382967705",
"87468087055771253729697964708624710120",
"64567366025305510261695894161190484659",
"275190152303307488874954423272887243061",
"114712313609923601026331383590958799121",
"219516882649605358681653722298635745789"
],
"threshold": 0.9
},
"target": {
"file": "drm/common/IDrmManagerService.cpp"
},
"signature_version": "v1",
"match_only_versions": [
"16"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/5dd95d00af9a58840fd842b75fc0876dc356d917",
"id": "ASB-A-379695596-5acd6e01",
"signature_type": "Line"
},
{
"deprecated": false,
"digest": {
"function_hash": "254484530803293232433988124470089576972",
"length": 18206.0
},
"target": {
"file": "drm/common/IDrmManagerService.cpp",
"function": "BnDrmManagerService::onTransact"
},
"signature_version": "v1",
"match_only_versions": [
"16"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/5dd95d00af9a58840fd842b75fc0876dc356d917",
"id": "ASB-A-379695596-de534b22",
"signature_type": "Function"
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/5dd95d00af9a58840fd842b75fc0876dc356d917"
],
"spl": "2026-03-01",
"severity": "High"
}
Android / platform/frameworks/av
Package
Ecosystem specific
{
"vanir_signatures": [
{
"deprecated": false,
"digest": {
"line_hashes": [
"193005296291010323106917966324247588790",
"294466828348999483103759003124382967705",
"87468087055771253729697964708624710120",
"64567366025305510261695894161190484659",
"275190152303307488874954423272887243061",
"114712313609923601026331383590958799121",
"219516882649605358681653722298635745789"
],
"threshold": 0.9
},
"target": {
"file": "drm/common/IDrmManagerService.cpp"
},
"signature_version": "v1",
"match_only_versions": [
"14"
],
"source": "https://android.googlesource.com/platform/frameworks/av/+/8e588440e4b5bc982e6906b547c204a7d4282c16",
"id": "ASB-A-379695596-16b20d5f",
"signature_type": "Line"
},
{
"signature_version": "v1",
"target": {
"file": "drm/common/IDrmManagerService.cpp",
"function": "BnDrmManagerService::onTransact"
},
"source": "https://android.googlesource.com/platform/frameworks/av/+/8e588440e4b5bc982e6906b547c204a7d4282c16",
"deprecated": false,
"digest": {
"function_hash": "150644367776923948850731846212645917637",
"length": 18209.0
},
"id": "ASB-A-379695596-a1ab5b03",
"signature_type": "Function"
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/8e588440e4b5bc982e6906b547c204a7d4282c16"
],
"spl": "2026-03-01",
"severity": "High"
}