PUB-A-194533433

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-194533433.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-194533433
Aliases
  • A-194533433
  • CVE-2021-1002
Published
2021-12-01T00:00:00Z
Modified
2024-11-06T12:16:03.231308Z
Summary
[none]
Details

In WTInterpolate of easwtengine.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/external/sonivox

Package

Name
platform/external/sonivox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2021-12-01

Affected versions

Other

12

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "56670286916054844959085444765776871285",
                    "228588898921747800035786773685776845273",
                    "63542771905456096792451515447100129199",
                    "299421447603471472527573310550504102577",
                    "103751839871934057808063796404643818331",
                    "101131050099693957166445146746675700465",
                    "39889290398108461417778246792892668655",
                    "259234348619225104787879816085938629572",
                    "231361967036040571724966677528908519580",
                    "275059295861124206757671160939923787269",
                    "214595645295990633473556637685062717452",
                    "316921944096199428840479606992039782976",
                    "256097016070962679666325202304674545632",
                    "15710917691976626436433209964262265572",
                    "208161714072323175474772568717041545084",
                    "324716160180205571720013986608834502934",
                    "309854085047872314603746762262677167993"
                ]
            },
            "id": "PUB-A-194533433-e3d54bbb",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/429f610b46941275f7d9d818289e6d75c711d260",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_wtengine.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1167.0,
                "function_hash": "307463499689526854493088671374242703617"
            },
            "id": "PUB-A-194533433-f294ffe4",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/429f610b46941275f7d9d818289e6d75c711d260",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_wtengine.c",
                "function": "WT_Interpolate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/sonivox/+/429f610b46941275f7d9d818289e6d75c711d260"
    ],
    "spl": "2021-12-01",
    "severity": "Moderate",
    "types": [
        "ID"
    ]
}