In several functions of kernel/bpf/verifier.c, kernel memory may be disclosed through a side channel. This could lead to local information disclosure, with System execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 881.0, "function_hash": "142326869828688370603557871141678287265" }, "id": "PUB-A-186337918-02a72700", "source": "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "retrieve_ptr_limit" }, "signature_type": "Function" }, { "digest": { "length": 893.0, "function_hash": "316239043046518439015850015893669889269" }, "id": "PUB-A-186337918-0f1c142f", "source": "https://android.googlesource.com/kernel/common/+/7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "retrieve_ptr_limit" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "114301004794924848045714296215986753404", "71749256150156277579716594244510955242", "254795925386519137223243686941163251620", "136716383469065413608097990589109564739", "89522239158795419087619746193143309496", "303867019925243015271991995456202807189", "220133077614045257605013977394826688332", "207816598696591912731465326274798505764", "143249013821615246451946155096210564385", "322905648790923695590636604558630132257", "208531971942581623484382266463001326082", "191457677137427027915940391032126859634", "131835767377942775458282656710665350373", "1374255815086099547607244284050934999", "65124599339688074719155606165725099896", "72183546918509789144407743841931259890", "63273999810990037573422310029218508894", "110745800579062450672445445614613932925", "176003657337290295671243159164801845791", "219819845571459262962131139114794685767", "247672923117819337510085368947821032964", "318856771309121580385049997873658480603", "2617414769440252260239628661774883086", "42787704106486038091599666075772155067", "3924012355989222331556904442809048643", "201434567567440715159172636521096933768", 
"140858105517165341424224722910656318628", "229370419234964954688414728046248697191", "258998299724870782438903936233213308208", "261789840756037996724382760861955391503", "52791327772751745589192128743641147841", "26727527826486794425523355313774759935", "170410585260446876977220605793683320175", "78090994072046059919359618610617509401", "37506367817824648607155288995528558887", "151112609099172857871811485927978261301", "129195599419721061780218965167067348612", "94982746926622883526728585657169804984", "23941208122981566439189456124954578760", "335851251418787678590809765426797561299", "260682693075969492532434809911790329311", "275229003933364267958253211912855836848", "174777300302264713192934025392943171405", "128215198036904777790300694596698863226", "315329731831906047579021383969400823531", "210287128960023494681452874915596781976", "66351642444242204266103157498596263337", "335319216995490082330647105102005323162", "332459120380566545068414370036553615383", "157757971496223130224727189730452117881", "189512357794252429412003108592765790750", "100602034378135394690177251695556722184", "39848923121169685586605870857986851407", "150203262932536143257858330574930925124", "166564433755734152074346426454268092188", "328959905041013827183270228634835782067", "226221732338468509526422511133350200808", "283914302533439136867461647554861139321", "90221552522153860705530658621588944801", "49368605745088328475664293898690747590", "15877268267930370249456014927228255439", "279054945790868548188692925606161907845", "193503802923642470576137932870481994216", "281860933786349660379103416131629177890" ] }, "id": "PUB-A-186337918-1e3cca6e", "source": "https://android.googlesource.com/kernel/common/+/7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "length": 5483.0, "function_hash": "60870908949411455329061192303702779501" }, "id": 
"PUB-A-186337918-2384780a", "source": "https://android.googlesource.com/kernel/common/+/24c109bb1537c12c02aeed2d51a347b4d6a9b76e", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_ptr_min_max_vals" }, "signature_type": "Function" }, { "digest": { "length": 5487.0, "function_hash": "164862801161063965694009978540384139876" }, "id": "PUB-A-186337918-23c55bb9", "source": "https://android.googlesource.com/kernel/common/+/6f55b2f2a1178856c19bbce2f71449926e731914", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_ptr_min_max_vals" }, "signature_type": "Function" }, { "digest": { "length": 835.0, "function_hash": "160452684997634312016654078286960967430" }, "id": "PUB-A-186337918-31179cdc", "source": "https://android.googlesource.com/kernel/common/+/6f55b2f2a1178856c19bbce2f71449926e731914", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "sanitize_ptr_alu" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "282058195687562348807590427065618562896", "229491056612342112157534733552571010298", "24098686306953093500402656621660559655", "197443242739242875515893212178046111856", "136783983040573813371244765474366764371", "123563401680879400511556730884885576558", "205921153490719296369803338620003546654", "225341317714956895510542625910210530662", "283415009912651935474711580666517776005", "192904543428502092962290560719042398038", "221074064320735200714409252319742698665", "140254163173515040014738161207272852339", "323250515656912679688432143519061003349", "75703500411777127859942646105302643121", "312221723989749002659137762668406974075", "323289905906955971735130469896815318353", "156179445604542804812792190578541516583", "267868390585593816517915983992887850017", "160495847613381060821701226266193473158" ] }, "id": "PUB-A-186337918-3e8cb33f", "source": 
"https://android.googlesource.com/kernel/common/+/073815b756c51ba9d8384d924c5d1c03ca3d1ae4", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "length": 2906.0, "function_hash": "220733230987237144772736836785540259010" }, "id": "PUB-A-186337918-4500bc44", "source": "https://android.googlesource.com/kernel/common/+/f528819334881fd622fdadeddb3f7edaed8b7c9b", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_scalar_min_max_vals" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "77442960050802318017876812559493279828", "17024102001121765798611469774481744867", "317420923171753003864553608592077412773", "28790782144294165209606382352639598432", "322566115669594912920201594012322327461", "315394372177304065452348004302456537939", "9710260800311349913489575272970318264", "79744331044420135662543514852116749169", "173958753945913611780335049680329315604", "91353858336321839177407612782874704137", "281121866354856682736356125141732049179", "78120081378425938711158484242589393340", "12681233806988702066940340265223172683", "190325117125731474052243082973318793669", "99065929489019578606292325744868239580", "76080056008053321959766691794795573283", "176748401582100084918356824603030810082", "176166272087760497658427359553450459014", "53489083422022700743345050693036682854", "92698929727185929191414450349533153952", "20934781664022044134356079199617571148", "240827568142428504439373417182596109529", "29570101623088431545270829205553503809", "103414314099636969154622259445362891080", "334930419479257539789805211069697029932", "230854622574928264560172461107740349273", "124093624003048441552304101444919791307", "129820969237192913484681455087087279687" ] }, "id": "PUB-A-186337918-600a1395", "source": "https://android.googlesource.com/kernel/common/+/b658bbb844e28f1862867f37e8ca11a8e2aa94a3", 
"deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "103381520136910515326319962908350619792", "174671424062403317975331388893570055356", "240138156490599121090017960305332017170", "61538807258198900382036402616293581741", "164789574237162029473849685868090933925", "152598167109669477434781474109259295991", "19833889899567726430103307955643145870", "37915013268495139981619116539606986265", "339628609768221077499045785554570858040", "127171693933109560675765896771415348912", "2827028564972159045492176152675064713", "281665525742919943358003718327045116952", "154205237447540980422613041993411640179", "277248056179856428323883280196159250863", "51619959257697419040360827431265675288", "320873981949883250169675360434733681353", "54309377834036054453075276415501086305", "291147809898473125455233745190031336292", "228907941431799189482458587946938987439", "215058551496031886863212314320174235595", "180273889910095370472478233335563311452", "99247017949532833990554890180049661866", "246017629092455155781646704554876433963", "248558748876448854764262267301539635020", "256967401235602108300502029958783705003", "245874587135355277073503778848147423092", "110578728074716448979661304221439680833" ] }, "id": "PUB-A-186337918-6326f41b", "source": "https://android.googlesource.com/kernel/common/+/24c109bb1537c12c02aeed2d51a347b4d6a9b76e", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "218714449604499915071694496152356323250", "45704365308297903021096708014382581274", "337559564869367164935353401567183924801", "286272596960287988914324541723015790463", "31651886707842055480376838760699901522", "276972620993420840103961910619076327396", "10663515993386016079925984320512055971", "110226294205823067773151592943417720580", 
"10159363312468416494411373139083858061", "229007737145066186988165548592200566373", "224880947185908388246783261138729747607", "10322464107095078227980000674642629487", "37253300164757187743546013874133533409", "47049342480494653258562682088782761012", "96863880894955747406993311961143116688", "138190035494557935594915829779364314815", "307581971852586362949562012419242584368", "182334636420870205911316796809877339874", "65766865064511021184778102562587617964", "200391326299233568889925386308167066475", "248380800917530653289931174969630350531", "134870460839031606626165630449261130974", "246951637073595837889355820121401332160", "211991352364883930535285279291394399775", "308431547342429937292279092715558264872", "16826815232114989779007611329666355583", "9208282887981355045469600353505587300", "113929299524522302058180961132103825417", "80412179878676341024713492143350018712", "304052767062712656945406038862972436159", "1167191890427871827893471209599840187", "277903420204662893063976861276523116429", "218403699623223321300023898703005062395", "198268347358126782002822913984997640338", "160898182728783937668524384368658720067", "283466069986278212952458825142613371547", "113131266652001335102075890489587246797", "333245929769086122320040392041756776377", "308628460436977131723204329427590591947", "153674347189071481141495294681311852841", "179868309379708541183741148071118809048", "30245767556070096008348750648808255909", "76012561014517903681786343963048840990", "128120564325291665045069176503699653329", "122580673523133397609928565749697646576", "249084933148502903653399747795131059787", "12765023030365364359184909482460447171", "104878718937763474962565409791071604649", "148688740199615426218807273791977049627", "237058203963425871482760356256811059175", "279121862496495216908928487347795756801", "296892783827672391565124721557533449945", "268916771192513158724696988427715547471", "281180860769557978304330871874727058476", 
"55998260742504708179481514331255418923", "167148449908504351643592200523687389853", "11507441996209466956660011787504380593", "114984108854163346958024591981773036019", "100696395561043789672158484610323975890" ] }, "id": "PUB-A-186337918-66ae5573", "source": "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "18165135779466820786240274213792935398", "95259640639970879322579420980295413419", "239595718824113794663481850682138365523", "129067249238655189403987183909363535355", "7033306917882309472277196867027508268", "229010441627964760320165366945862358838", "146782000889997755148431255122921608307", "151100974297558672289298084388186347251", "184197069414713142732147949061168315429", "52825033788360440135229320070253319667", "223785969030333388027105467265623409792", "84225908660257451551892265813981780750", "56490882799611671169107109085776128232", "148588434042610851386580508980923399027", "25001129255759929241033037036513035837", "62146069999977052098498354794415705089" ] }, "id": "PUB-A-186337918-68a348ec", "source": "https://android.googlesource.com/kernel/common/+/6f55b2f2a1178856c19bbce2f71449926e731914", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "length": 5048.0, "function_hash": "17207822245785881964029576319337059621" }, "id": "PUB-A-186337918-74f6465c", "source": "https://android.googlesource.com/kernel/common/+/073815b756c51ba9d8384d924c5d1c03ca3d1ae4", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_ptr_min_max_vals" }, "signature_type": "Function" }, { "digest": { "length": 5479.0, "function_hash": "125843481326521891639350157180231397173" }, "id": "PUB-A-186337918-7a0224e9", 
"source": "https://android.googlesource.com/kernel/common/+/9601148392520e2e134936e76788fc2a6371e7be", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_ptr_min_max_vals" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "246695606581409387158863810852610618632", "89246996787328126017189709845583227179", "264052653408367067844449628668108182984", "3428031845225140226106607569969277222" ] }, "id": "PUB-A-186337918-82f8738d", "source": "https://android.googlesource.com/kernel/common/+/9601148392520e2e134936e76788fc2a6371e7be", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "length": 883.0, "function_hash": "277855126346309130210651293157185251959" }, "id": "PUB-A-186337918-896dd233", "source": "https://android.googlesource.com/kernel/common/+/7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "sanitize_ptr_alu" }, "signature_type": "Function" }, { "digest": { "length": 882.0, "function_hash": "129522929628026699063173342839688519691" }, "id": "PUB-A-186337918-8d1d45cc", "source": "https://android.googlesource.com/kernel/common/+/b658bbb844e28f1862867f37e8ca11a8e2aa94a3", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "retrieve_ptr_limit" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "276212936261548033675879741196695640042", "263703486728521075021701617948305086966", "202666486935702327703733695467908503678", "53250420407405182756027046396073323493", "69933766410075455321307708383123635488", "314869839819145421588173891579884645175", "46034219613679250400620036970329016739", "116869860216842570477607474408604336686", "145696341565665631479227435976517860383", 
"69586943159958324165359556286761090861", "314237097369849413536459869340181107693", "237058203963425871482760356256811059175", "279121862496495216908928487347795756801", "296892783827672391565124721557533449945", "143309286410320140694751037650909870725", "334961769804652349683799816591397383116", "80973630786434542023160021663039562635", "215339079482544718851252830779601427437", "219978155788802681610624055512431915179" ] }, "id": "PUB-A-186337918-8fb7b09f", "source": "https://android.googlesource.com/kernel/common/+/f528819334881fd622fdadeddb3f7edaed8b7c9b", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c" }, "signature_type": "Line" }, { "digest": { "length": 721.0, "function_hash": "254203844896245676810631648929513771012" }, "id": "PUB-A-186337918-9ed5fa16", "source": "https://android.googlesource.com/kernel/common/+/24c109bb1537c12c02aeed2d51a347b4d6a9b76e", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "retrieve_ptr_limit" }, "signature_type": "Function" }, { "digest": { "length": 230.0, "function_hash": "102443136265330604787204548666536511157" }, "id": "PUB-A-186337918-acaa7c93", "source": "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "update_alu_sanitation_state" }, "signature_type": "Function" }, { "digest": { "length": 877.0, "function_hash": "36952929240060046129653812201293762974" }, "id": "PUB-A-186337918-c558fde6", "source": "https://android.googlesource.com/kernel/common/+/24c109bb1537c12c02aeed2d51a347b4d6a9b76e", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "sanitize_ptr_alu" }, "signature_type": "Function" }, { "digest": { "length": 3027.0, "function_hash": "60125803834267096025895124146004869023" }, "id": "PUB-A-186337918-c6b16c22", 
"source": "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_scalar_min_max_vals" }, "signature_type": "Function" }, { "digest": { "length": 4709.0, "function_hash": "263488447789254681595578708559886956860" }, "id": "PUB-A-186337918-cd741f3a", "source": "https://android.googlesource.com/kernel/common/+/7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_ptr_min_max_vals" }, "signature_type": "Function" }, { "digest": { "length": 5166.0, "function_hash": "118425757277851489570446696058348173292" }, "id": "PUB-A-186337918-e3839194", "source": "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "adjust_ptr_min_max_vals" }, "signature_type": "Function" }, { "digest": { "length": 879.0, "function_hash": "281371583213950479723288722972705128640" }, "id": "PUB-A-186337918-e9cf0629", "source": "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/verifier.c", "function": "sanitize_ptr_alu" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/kernel/common/+/9601148392520e2e134936e76788fc2a6371e7be", "https://android.googlesource.com/kernel/common/+/6f55b2f2a1178856c19bbce2f71449926e731914", "https://android.googlesource.com/kernel/common/+/24c109bb1537c12c02aeed2d51a347b4d6a9b76e", "https://android.googlesource.com/kernel/common/+/b658bbb844e28f1862867f37e8ca11a8e2aa94a3", "https://android.googlesource.com/kernel/common/+/a6aaece00a57fa6f22575364b3903dfbccf5345d", 
"https://android.googlesource.com/kernel/common/+/073815b756c51ba9d8384d924c5d1c03ca3d1ae4", "https://android.googlesource.com/kernel/common/+/f528819334881fd622fdadeddb3f7edaed8b7c9b", "https://android.googlesource.com/kernel/common/+/7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0" ], "spl": "2021-10-05", "severity": "Moderate", "types": [ "ID" ] }