In 'ih264efindbskipparams()' of ih264eme.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "200379714733293227417754227594358170013", "15268792044800260968382807296639589458", "290916752263289187891812336718207654893", "54901536950139771812429537628854285332" ] }, "id": "PUB-A-193442575-8d68cb8d", "source": "https://android.googlesource.com/platform/external/libavc/+/2f3d043b17d00df222ec19c11014c7de27caa6f5", "deprecated": false, "signature_version": "v1", "target": { "file": "encoder/ih264e_api.c" }, "signature_type": "Line" }, { "digest": { "length": 15858.0, "function_hash": "156282991969587907165341020502167311297" }, "id": "PUB-A-193442575-9873b76b", "source": "https://android.googlesource.com/platform/external/libavc/+/2f3d043b17d00df222ec19c11014c7de27caa6f5", "deprecated": false, "signature_version": "v1", "target": { "file": "encoder/ih264e_api.c", "function": "ih264e_init_mem_rec" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/libavc/+/2f3d043b17d00df222ec19c11014c7de27caa6f5" ], "spl": "2021-12-01", "severity": "Moderate", "types": [ "ID" ] }