PUB-A-140762419

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-140762419.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-140762419

Aliases

A-140762419
CVE-2023-21178

Published

2023-06-01T00:00:00Z

Modified

2026-04-24T15:37:38.793646Z

Summary

[none]

Details

In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2023-06-01

Affected packages

Android / platform/system/sepolicy

Package

Name: platform/system/sepolicy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "spl": "2023-06-01",
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/sepolicy/+/7bedb9d1a070dbe99e483c3287e6ef270520699a"
    ],
    "severity": "Moderate"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-140762419.json"

Android / platform/system/vold

Package

Name: platform/system/vold

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "id": "PUB-A-140762419-2815cad6",
            "signature_type": "Function",
            "match_only_versions": [
                "13-next"
            ],
            "signature_version": "v1",
            "target": {
                "function": "evictKey",
                "file": "KeyUtil.cpp"
            },
            "source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
            "digest": {
                "function_hash": "279529191378870486788272884241248626986",
                "length": 1231.0
            },
            "deprecated": false
        },
        {
            "id": "PUB-A-140762419-36366056",
            "signature_type": "Function",
            "match_only_versions": [
                "13-next"
            ],
            "signature_version": "v1",
            "target": {
                "function": "installKey",
                "file": "KeyUtil.cpp"
            },
            "source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
            "digest": {
                "function_hash": "2145353606480915603368113091176684617",
                "length": 1246.0
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155404919740601357418490522122473867967",
                    "89050903858336461750279238023313389709",
                    "299740521285904443963372476497241076934",
                    "326896357792371990119871513749450325763",
                    "282920753469770144136751944084212869195",
                    "63206651620664014721004767940093754973",
                    "47755117522734981925638724129234018972",
                    "229621141676731449773252323792796277177",
                    "182452104478105228845516234098983828751",
                    "210437306731509637401451293472611847492",
                    "230579831600606458996204686086340072861",
                    "64572430561726623521731363476097600643",
                    "164984371477251526163290153188969798974",
                    "16437101110075321040525696888720516281",
                    "7849359201417764438429642328655383327",
                    "318625451194724682784989363561677233560",
                    "145144332272125448045727486849429848686",
                    "95206948271280546384323004515216514284",
                    "92190529889188941048245140983048808380",
                    "7247769280750136020356332859558564722"
                ]
            },
            "id": "PUB-A-140762419-724a0d75",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
            "deprecated": false,
            "target": {
                "file": "KeyUtil.cpp"
            },
            "signature_version": "v1"
        }
    ],
    "types": [
        "ID"
    ],
    "spl": "2023-06-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511"
    ],
    "severity": "Moderate"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-140762419.json"

Android / platform/system/sepolicy

Package

Name: platform/system/sepolicy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2023-06-01

Affected versions

Other

Ecosystem specific

{
    "spl": "2023-06-01",
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/system/sepolicy/+/7bedb9d1a070dbe99e483c3287e6ef270520699a"
    ],
    "severity": "Moderate"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-140762419.json"

Android / platform/system/vold

Package

Name: platform/system/vold

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2023-06-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155404919740601357418490522122473867967",
                    "89050903858336461750279238023313389709",
                    "299740521285904443963372476497241076934",
                    "326896357792371990119871513749450325763",
                    "282920753469770144136751944084212869195",
                    "63206651620664014721004767940093754973",
                    "47755117522734981925638724129234018972",
                    "229621141676731449773252323792796277177",
                    "182452104478105228845516234098983828751",
                    "210437306731509637401451293472611847492",
                    "230579831600606458996204686086340072861",
                    "64572430561726623521731363476097600643",
                    "164984371477251526163290153188969798974",
                    "16437101110075321040525696888720516281",
                    "7849359201417764438429642328655383327",
                    "318625451194724682784989363561677233560",
                    "145144332272125448045727486849429848686",
                    "95206948271280546384323004515216514284",
                    "92190529889188941048245140983048808380",
                    "7247769280750136020356332859558564722"
                ]
            },
            "id": "PUB-A-140762419-981cb51a",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
            "deprecated": false,
            "target": {
                "file": "KeyUtil.cpp"
            },
            "signature_version": "v1"
        },
        {
            "id": "PUB-A-140762419-bb790035",
            "signature_type": "Function",
            "match_only_versions": [
                "13"
            ],
            "signature_version": "v1",
            "target": {
                "function": "evictKey",
                "file": "KeyUtil.cpp"
            },
            "source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
            "digest": {
                "function_hash": "279529191378870486788272884241248626986",
                "length": 1231.0
            },
            "deprecated": false
        },
        {
            "id": "PUB-A-140762419-c58788cd",
            "signature_type": "Function",
            "match_only_versions": [
                "13"
            ],
            "signature_version": "v1",
            "target": {
                "function": "installKey",
                "file": "KeyUtil.cpp"
            },
            "source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
            "digest": {
                "function_hash": "2145353606480915603368113091176684617",
                "length": 1246.0
            },
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ],
    "spl": "2023-06-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511"
    ],
    "severity": "Moderate"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-140762419.json"