PUB-A-140762419
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-140762419.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-140762419
- Aliases
-
- A-140762419
- CVE-2023-21178
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/system/sepolicy
Package
Android / platform/system/vold
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"13-next"
],
"digest": {
"length": 1231.0,
"function_hash": "279529191378870486788272884241248626986"
},
"id": "PUB-A-140762419-2815cad6",
"source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "KeyUtil.cpp",
"function": "evictKey"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13-next"
],
"digest": {
"length": 1246.0,
"function_hash": "2145353606480915603368113091176684617"
},
"id": "PUB-A-140762419-36366056",
"source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "KeyUtil.cpp",
"function": "installKey"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"155404919740601357418490522122473867967",
"89050903858336461750279238023313389709",
"299740521285904443963372476497241076934",
"326896357792371990119871513749450325763",
"282920753469770144136751944084212869195",
"63206651620664014721004767940093754973",
"47755117522734981925638724129234018972",
"229621141676731449773252323792796277177",
"182452104478105228845516234098983828751",
"210437306731509637401451293472611847492",
"230579831600606458996204686086340072861",
"64572430561726623521731363476097600643",
"164984371477251526163290153188969798974",
"16437101110075321040525696888720516281",
"7849359201417764438429642328655383327",
"318625451194724682784989363561677233560",
"145144332272125448045727486849429848686",
"95206948271280546384323004515216514284",
"92190529889188941048245140983048808380",
"7247769280750136020356332859558564722"
]
},
"id": "PUB-A-140762419-724a0d75",
"source": "https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "KeyUtil.cpp"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/system/vold/+/759ac5f87ceae053109aaae84e3a8c97cba1e511"
],
"spl": "2023-06-01",
"severity": "Moderate",
"types": [
"ID"
]
}