PUB-A-228523213
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-228523213.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-228523213
- Aliases
-
- A-228523213
- CVE-2022-20524
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In compose of Vibrator.cpp, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/hardware/interfaces
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1139.0,
"function_hash": "117130774669409857063412071531567389165"
},
"id": "PUB-A-228523213-2dd3ec5b",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/Vibrator.cpp",
"function": "Vibrator::compose"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"137113212944455505595984517359609983707",
"335075521863027633565734272190078559092",
"204580950817905752338340407551275112154",
"140385963569528161743810481876384203007",
"318895696344917804675620433413266868091",
"285323402050139333162301359377394323723",
"54730117134372829604422994571902155397",
"279477816286468920600703993624276505236",
"241648474350781388323088083648116361874",
"4513601005160789433733085062492078791",
"247070909339722821364844509451551885792",
"185397770891738426885666745588193197906",
"30168539055241161394251047116541952088",
"280366042502374237525633356860142182585",
"167509643502859382776909790525618082094",
"170678752709944669269716094535087031638",
"266817190545869651818981895912870315734",
"97110324255583107309625186198566903209",
"298807921226603847089415162752481577904",
"131374671433377509151083402036031180699"
]
},
"id": "PUB-A-228523213-40ac193d",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/Vibrator.cpp"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"54613332248356254112916616052195213942",
"17034216959182564606696825685731436741",
"103146724595776529429533467694371502124",
"325373083386355576381742031835850724099"
]
},
"id": "PUB-A-228523213-5349264a",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/VibratorManager.cpp"
},
"signature_type": "Line"
},
{
"digest": {
"length": 710.0,
"function_hash": "320702196129629212860008786629199084442"
},
"id": "PUB-A-228523213-6ada12e4",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/Vibrator.cpp",
"function": "Vibrator::perform"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 299.0,
"function_hash": "228321586261239167258912563811714797003"
},
"id": "PUB-A-228523213-6f3dc623",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/VibratorManager.cpp",
"function": "VibratorManager::triggerSynced"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2399.0,
"function_hash": "129286636322486162554207820906498819005"
},
"id": "PUB-A-228523213-b3acb21d",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/Vibrator.cpp",
"function": "Vibrator::composePwle"
},
"signature_type": "Function"
},
{
"digest": {
"length": 461.0,
"function_hash": "306478687497055041045970042818010893123"
},
"id": "PUB-A-228523213-be0b3974",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "vibrator/aidl/default/Vibrator.cpp",
"function": "Vibrator::on"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/hardware/interfaces/+/608655b45078e310fdc233b7dab325ac5abb9aae"
],
"spl": "2022-12-01",
"severity": "Moderate",
"types": [
"EoP"
]
}