PUB-A-229994861
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-229994861.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-229994861
- Aliases
-
- A-229994861
- CVE-2022-20527
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2025-09-19T20:50:49.344728Z
- Summary
- [none]
- Details
-
In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/hardware/st/nfc
Package
Ecosystem specific
{
"vanir_signatures": [
{
"id": "PUB-A-229994861-33818c24",
"deprecated": false,
"target": {
"file": "st21nfc/hal/halcore.cc"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"165744123791803713704763289471465043099",
"27783976174390821137820152893181231296",
"76791411373196050948003848164575001558",
"301341817714026765422772554170160352996"
]
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/hardware/st/nfc/+/bf79f190c62886e457e13b030dd67d846958b3c6",
"match_only_versions": [
"13"
]
},
{
"id": "PUB-A-229994861-ddaf01cb",
"deprecated": false,
"target": {
"file": "st21nfc/hal/halcore.cc",
"function": "HalCoreCallback"
},
"digest": {
"length": 1926.0,
"function_hash": "90138370701600535322812863812506258764"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/hardware/st/nfc/+/bf79f190c62886e457e13b030dd67d846958b3c6",
"match_only_versions": [
"13"
]
}
],
"severity": "Moderate",
"spl": "2022-12-01",
"types": [
"ID"
],
"fixes": [
"https://android.googlesource.com/platform/hardware/st/nfc/+/bf79f190c62886e457e13b030dd67d846958b3c6"
]
}