PUB-A-226234140
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-226234140.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-226234140
- Aliases
-
- A-226234140
- CVE-2023-21030
- Published
- 2023-03-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In Confirmation of keystorecliv2.cpp, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/system/security
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"13"
],
"digest": {
"length": 2697.0,
"function_hash": "37917833963940139365718155000060259289"
},
"id": "PUB-A-226234140-29f9b0df",
"source": "https://android.googlesource.com/platform/system/security/+/9afe88283d069f99350af8ab87205318bf664005",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "keystore/keystore_cli_v2.cpp",
"function": "Confirmation"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"162677320058805501051862405501324683794",
"156446221205746461007732650618698268202",
"58842732572154702818738091576092075492",
"253168222442398203518095834239243687347"
]
},
"id": "PUB-A-226234140-8665f975",
"source": "https://android.googlesource.com/platform/system/security/+/9afe88283d069f99350af8ab87205318bf664005",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "keystore/keystore_cli_v2.cpp"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/system/security/+/9afe88283d069f99350af8ab87205318bf664005"
],
"spl": "2023-03-01",
"severity": "Moderate",
"types": [
"EoP"
]
}