PUB-A-223492713

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-223492713.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-223492713
Aliases
  • A-223492713
  • CVE-2022-20162
Published
2022-06-01T00:00:00Z
Modified
2024-08-29T07:13:02.711246Z
Summary
acropora_fuzzer: Stack-buffer-overflow in asn1_p256_int
Details

In asn1p256int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / :unknown:

Package

Name
:unknown:

Affected ranges

Type
ECOSYSTEM
Events
Introduced
Pixel-family specific:0
Fixed
Pixel-family specific:2022-06-05

Affected versions

Other

Pixel-family specific

Ecosystem specific

{
    "spl": "2022-06-05",
    "severity": "High",
    "types": [
        "ID"
    ]
}