PUB-A-207502397

Import Source
https://storage.googleapis.com/android-osv/PUB-A-207502397.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-207502397
Aliases
  • A-207502397
  • CVE-2022-20209
Published
2022-06-01T00:00:00Z
Modified
2024-11-06T12:16:03.231308Z
Summary
[none]
Details

In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out-of-bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected packages

Android / platform/external/libhevc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L-next:0
Fixed
12L-next:2022-06-01

Affected versions

Other

12L-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "12L-next"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "200311761834761207013842496516504895832",
                    "205821215673933791358262966163237804410",
                    "35232106781502469851740610407617269117",
                    "309572296878527312542482307870102795986",
                    "100837719991404751869428707270934512736"
                ]
            },
            "id": "PUB-A-207502397-169c54f6",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/057f2f3aae4f60765c14deafe38ad75e93e85d34",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_refine.c"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "12L-next"
            ],
            "digest": {
                "length": 1885.0,
                "function_hash": "274971119024785641213910422059272943711"
            },
            "id": "PUB-A-207502397-257d23cb",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/057f2f3aae4f60765c14deafe38ad75e93e85d34",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_err_compute.c",
                "function": "hme_update_results_grid_pu_bestn_no_encode"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "12L-next"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "PUB-A-207502397-941d731a",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/057f2f3aae4f60765c14deafe38ad75e93e85d34",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_err_compute.c"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "12L-next"
            ],
            "digest": {
                "length": 4832.0,
                "function_hash": "198384453410942725806421092339066359548"
            },
            "id": "PUB-A-207502397-f58246b0",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/057f2f3aae4f60765c14deafe38ad75e93e85d34",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_refine.c",
                "function": "hme_update_mv_bank_in_l1_me"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libhevc/+/057f2f3aae4f60765c14deafe38ad75e93e85d34"
    ],
    "spl": "2022-06-01",
    "severity": "Moderate",
    "types": [
        "ID"
    ]
}

Android / platform/external/libhevc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2022-06-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "12L"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "PUB-A-207502397-8b1175bc",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/2db516cc99d47f1e5f4444d87859dd5583a4a802",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_err_compute.c"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "12L"
            ],
            "digest": {
                "length": 1885.0,
                "function_hash": "274971119024785641213910422059272943711"
            },
            "id": "PUB-A-207502397-d4b26613",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/2db516cc99d47f1e5f4444d87859dd5583a4a802",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_err_compute.c",
                "function": "hme_update_results_grid_pu_bestn_no_encode"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "12L"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "200311761834761207013842496516504895832",
                    "205821215673933791358262966163237804410",
                    "35232106781502469851740610407617269117",
                    "309572296878527312542482307870102795986",
                    "100837719991404751869428707270934512736"
                ]
            },
            "id": "PUB-A-207502397-d7b853c3",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/2db516cc99d47f1e5f4444d87859dd5583a4a802",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_refine.c"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "12L"
            ],
            "digest": {
                "length": 4832.0,
                "function_hash": "198384453410942725806421092339066359548"
            },
            "id": "PUB-A-207502397-de7a341c",
            "source": "https://android.googlesource.com/platform/external/libhevc/+/2db516cc99d47f1e5f4444d87859dd5583a4a802",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "encoder/hme_refine.c",
                "function": "hme_update_mv_bank_in_l1_me"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libhevc/+/2db516cc99d47f1e5f4444d87859dd5583a4a802"
    ],
    "spl": "2022-06-01",
    "severity": "Moderate",
    "types": [
        "ID"
    ]
}