PUB-A-172312730
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-172312730.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-172312730
- Aliases
-
- A-172312730
- CVE-2021-0559
- Published
- 2021-06-01T00:00:00Z
- Modified
- 2026-01-23T16:32:20.847922Z
- Summary
- [none]
- Details
-
In Lagmax of pol_wgh.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/frameworks/av
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/av/+/393ac239819fbba24f5831f45d1e0db85ca582c8"
],
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/av/+/393ac239819fbba24f5831f45d1e0db85ca582c8",
"deprecated": false,
"digest": {
"length": 592.0,
"function_hash": "86375694845478356452739224801233615380"
},
"signature_type": "Function",
"id": "PUB-A-172312730-43fcf238",
"target": {
"function": "searchFrac",
"file": "media/libstagefright/codecs/amrnb/enc/src/pitch_fr.cpp"
}
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/av/+/393ac239819fbba24f5831f45d1e0db85ca582c8",
"deprecated": false,
"digest": {
"line_hashes": [
"118329544886038920272159366255249620300",
"62155794854215733662731863463463730233",
"180477588866047329410749481516684690078",
"196591329646240483090736500971390608694",
"255242137893458711965683056812933988521",
"53086627389275577937899760446922684384",
"255561172742102016648793993148822385585",
"78538922331381416847243385541380641294",
"32280588387923636308594566290842998242",
"202295928902398244417127448611038210003",
"196726860142606486836260145745396709166",
"124516967270312288563135322835853340040",
"311819959043457106494360301694865980308",
"213185609400192417706752608948528032749",
"121728579717999049631282955453872973680",
"235914452929909667608640610550201757482",
"246801531516826452870474903241614164005",
"78648804898981493200918733773244719721",
"330254595014743126836875869692503996244",
"260995459231465444921143665846581913056",
"239933253454418168317459087759048218122",
"275143592814044340035958543018849243601",
"175675612867518871985692305337992890971",
"204159641367682432921594835938845457505",
"11712302396672851668135747432190811589",
"262868602339924297394351593918164720630",
"150308136235005276714817687098000353687",
"237432760403125537474577275313022574714",
"303275853810898920292885802076484965826",
"94067364934024237729834896666722149370",
"126655637474095581650684876509199477230",
"309688047527571670546405738009842659624",
"61543627473033519606160832746077753072",
"15071971947716197797945291742593013090",
"213367715092959574621874581481451356450",
"55524264922198365655848473668938001669",
"119325251242489583056445387593003963780",
"257217298209629698475533473366512618212",
"14384965711772778729774059003113700436",
"175685741866263541677295171374299453951",
"130107026155891343906813993803159664155",
"20103105371641714091831930236139119899",
"94069165091967857195140772596315952853",
"120311644330287720756949217306457088731",
"54594601065587831939589366124437711402",
"176630150263300155114763432214727322030"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-172312730-61d01706",
"target": {
"file": "media/libstagefright/codecs/amrnb/enc/src/pitch_fr.cpp"
}
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/av/+/393ac239819fbba24f5831f45d1e0db85ca582c8",
"deprecated": false,
"digest": {
"length": 2832.0,
"function_hash": "292810631715382559282226246504576187898"
},
"signature_type": "Function",
"id": "PUB-A-172312730-7b5648db",
"target": {
"function": "Pitch_fr",
"file": "media/libstagefright/codecs/amrnb/enc/src/pitch_fr.cpp"
}
}
],
"types": [
"ID"
],
"severity": "Moderate",
"spl": "2021-06-01"
}