PUB-A-237291425
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-237291425.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-237291425
- Aliases
-
- A-237291425
- CVE-2022-20539
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/hardware/interfaces
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"13"
],
"digest": {
"length": 555.0,
"function_hash": "317495746485922110331306168398437462706"
},
"id": "PUB-A-237291425-431ce068",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "audio/effect/all-versions/default/Effect.cpp",
"function": "Effect::getParameterImpl"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 535.0,
"function_hash": "30123266802065356885115692504846696672"
},
"id": "PUB-A-237291425-5ff1da6d",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "audio/effect/all-versions/default/Effect.cpp",
"function": "Effect::parameterToHal"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 257.0,
"function_hash": "29579660006996074852613495412883982288"
},
"id": "PUB-A-237291425-69d37c7b",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "audio/effect/all-versions/default/Effect.cpp",
"function": "Effect::setParameterImpl"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"241345803428274514914173750033235143439",
"298917489403951161474252177580383745491",
"204918743027436695181852476445492936696",
"248059365483983222598316756158843715662",
"66822891934574946509925347350274344198"
]
},
"id": "PUB-A-237291425-bd5ae7c4",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "audio/effect/all-versions/default/Effect.h"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"313059225383503440477440576076796639768",
"227621403652004929095362390026884299138",
"318529299587967281414003747786286545567",
"24771999819195088072931779467914237968",
"266160911258182898482401649488858568793",
"63132663513363580818699841070826610106",
"148207872206608168082714377543143285242",
"142613355609468974098312976183629596872",
"99312486785625554246400588369878169704",
"318637139589062211065762957205511152412",
"75009748631100807500709188096213170068",
"78691052645781660711009870316563570461",
"280549801420680188423824461990705934769",
"88997130257885229649108908344598353686",
"152243725183288471995187783439429214751",
"328470510571465043752673378022626710887",
"229506037448769977422689472174879608986",
"118651229590935032251534793302388468773",
"184127610439288084211946895359479852215",
"252561610820495140261623815577275630659",
"27478599967662449078636264537078252088",
"26180971022269590998001646870428867891",
"170585366046268702959843789117970440253",
"226573480289599342413102365773257030364",
"272465068728968602953041888046671296023",
"327956488084163979081976006159521689607"
]
},
"id": "PUB-A-237291425-dab24b9e",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "audio/effect/all-versions/default/Effect.cpp"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"42200179381301016134820353144508083862",
"263620422702024950336934368050914565764",
"233494592712189971446162782491874540621"
]
},
"id": "PUB-A-237291425-e7638dd9",
"source": "https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "audio/effect/all-versions/vts/functional/VtsHalAudioEffectTargetTest.cpp"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/hardware/interfaces/+/4f110343d667159f85df5c2b787a9e9a5349bcbe"
],
"spl": "2022-12-01",
"severity": "Moderate",
"types": [
"EoP"
]
}