PUB-A-190435883

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-190435883.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-190435883
Aliases
  • A-190435883
  • CVE-2021-1001
Published
2021-12-01T00:00:00Z
Modified
2024-11-06T12:16:03.231308Z
Summary
[none]
Details

In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/av

Package

Name
platform/frameworks/av

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2021-12-01

Affected versions

Other

12

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 20344.0,
                "function_hash": "331766920222833858923471291138145887051"
            },
            "id": "PUB-A-190435883-6d24091e",
            "source": "https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "media/codecs/m4v_h263/enc/src/mp4enc_api.cpp",
                "function": "PVInitVideoEncoder"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "206437095254952264279870610859463231236",
                    "335763517536493788842454289933025066803",
                    "315427360418934668995122938100707492940",
                    "277662384132488287615611224431094309394",
                    "161466992054306866615721603485132579586",
                    "18605767560981244841544534635281281311",
                    "288045843137782979265232455174873634161",
                    "213438922595083060206583817694471793034",
                    "21647049488474645469943973489962736788",
                    "278275374606181650662406174154067542970",
                    "244548571901860716783198757529286500556",
                    "177514349601426941332198306653110568412",
                    "322071612031000966792118222920463745902",
                    "266949744181163504133091299737103916053"
                ]
            },
            "id": "PUB-A-190435883-d41a9e38",
            "source": "https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "media/codecs/m4v_h263/enc/src/mp4enc_api.cpp"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a"
    ],
    "spl": "2021-12-01",
    "severity": "Moderate",
    "types": [
        "ID"
    ]
}