PUB-A-262236273

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-262236273.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-262236273
Aliases
  • A-262236273
  • CVE-2023-21209
Published
2023-06-01T00:00:00Z
Modified
2024-11-06T16:45:39.809623Z
Summary
[none]
Details

In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/external/wpa_supplicant_8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 424.0,
                "function_hash": "302268144275723282215237474613964667341"
            },
            "id": "PUB-A-262236273-47b0e1ac",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateHs20IconQueryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1567.0,
                "function_hash": "257355276165712963944831835492749907205"
            },
            "id": "PUB-A-262236273-5cd64147",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/p2p_iface.cpp",
                "function": "P2pIface::addGroupWithConfigInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 286.0,
                "function_hash": "187077103001751572314279034052689728383"
            },
            "id": "PUB-A-262236273-6d5fa3db",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::startWpsRegistrarInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 397.0,
                "function_hash": "59139949819330265023457171034052804893"
            },
            "id": "PUB-A-262236273-8c1a6e95",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateTdlsDiscoverInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "282443825160230321450963843298545080728",
                    "240013557668857853334420540261787923890",
                    "62429178238551276205184415105404761893",
                    "46560374957961384603586640630652171945",
                    "336419216446644093182773684234698415035",
                    "327041791035341145435564724994982404898",
                    "78343065902290284737465664672312973572",
                    "255724180623786242402920462074245142357"
                ]
            },
            "id": "PUB-A-262236273-8e3c7fd2",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/p2p_iface.cpp"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 478.0,
                "function_hash": "270479948021175522507269756789778107231"
            },
            "id": "PUB-A-262236273-b0a148ea",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateTdlsTeardownInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1417.0,
                "function_hash": "23404326539921386207545272978027900169"
            },
            "id": "PUB-A-262236273-b3186f45",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::generateDppBootstrapInfoForResponderInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 444.0,
                "function_hash": "8104615961089294009968361479877306241"
            },
            "id": "PUB-A-262236273-b3d70c20",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::setCountryCodeInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 461.0,
                "function_hash": "9612674215676627984640536271814398902"
            },
            "id": "PUB-A-262236273-b64d3488",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateTdlsSetupInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 428.0,
                "function_hash": "57178098856143511217138945353437811603"
            },
            "id": "PUB-A-262236273-b862ad89",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::startWpsPinDisplayInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 303.0,
                "function_hash": "291459334106095460708774590590163935140"
            },
            "id": "PUB-A-262236273-cfb25b2f",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateVenueUrlAnqpQueryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 672.0,
                "function_hash": "222888601949521659693169645706244661099"
            },
            "id": "PUB-A-262236273-d48eb61f",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateAnqpQueryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 537.0,
                "function_hash": "251277092963258719819988234584216547557"
            },
            "id": "PUB-A-262236273-e6ded3c4",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/p2p_iface.cpp",
                "function": "P2pIface::provisionDiscoveryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "108313089334327937595636589997524737905",
                    "66840887000484404323921320035452788215",
                    "219717861291424890984424019376547388571",
                    "44896243708100406615835794888652299551",
                    "108313089334327937595636589997524737905",
                    "66840887000484404323921320035452788215",
                    "119966804988596060753854524323008774240",
                    "153604098853226158544591461503264384829",
                    "108313089334327937595636589997524737905",
                    "66840887000484404323921320035452788215",
                    "119966804988596060753854524323008774240",
                    "153604098853226158544591461503264384829",
                    "213776302724071626336886735033271865367",
                    "111127769627793226434270712715727975740",
                    "185587857298398648800638886100378496896",
                    "11051987560156314982525484614039640730",
                    "138136018535094028760656810696393132256",
                    "242559769715913450717656652795026906173",
                    "220163884289595045272493767027284266292",
                    "186159613295524858348311536973943924232",
                    "97920612003950030480333138944478168364",
                    "106416219480024751751259025809335167026",
                    "98678616116437698904132115913139234778",
                    "262093932907482226702908105462070957040",
                    "179785536207578963771599860683453035709",
                    "306454131221479826909148403651925784495",
                    "94508611683518420978877184414880182032",
                    "198629720058014996525008381472581916452",
                    "83757367880493119121683389931198569683",
                    "31274133583577273158273533047343986777",
                    "19101203741728346271706693008717644004",
                    "210125636254096168817574411616794081904",
                    "321029893561082877086623895468503904177",
                    "74013402360008246287580570831392352661",
                    "140269204791012767623566618777651021530",
                    "123308398843050064060681011537122893696",
                    "265977110554366842733255150657799530232",
                    "74013402360008246287580570831392352661",
                    "140269204791012767623566618777651021530",
                    "108028509933157452795677691037514741083",
                    "16645525397261761350351177096480169880",
                    "257760521617479987513025030407880082978",
                    "14183314491399266848601277807740484092"
                ]
            },
            "id": "PUB-A-262236273-eba4b300",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 304.0,
                "function_hash": "264951205164416993651860207899884527381"
            },
            "id": "PUB-A-262236273-fdcf15c9",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::startWpsPbcInternal"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate",
    "types": [
        "EoP"
    ]
}

Android / platform/external/wpa_supplicant_8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-06-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 303.0,
                "function_hash": "291459334106095460708774590590163935140"
            },
            "id": "PUB-A-262236273-09febb75",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateVenueUrlAnqpQueryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "282443825160230321450963843298545080728",
                    "240013557668857853334420540261787923890",
                    "62429178238551276205184415105404761893",
                    "46560374957961384603586640630652171945",
                    "215639982946050837374262497398422649208",
                    "88542317988287961840380036956813897270",
                    "268742349020284817160466135871177099621"
                ]
            },
            "id": "PUB-A-262236273-0f4b1181",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/p2p_iface.cpp"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 286.0,
                "function_hash": "187077103001751572314279034052689728383"
            },
            "id": "PUB-A-262236273-2269668f",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::startWpsRegistrarInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 444.0,
                "function_hash": "8104615961089294009968361479877306241"
            },
            "id": "PUB-A-262236273-60af6251",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::setCountryCodeInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 397.0,
                "function_hash": "59139949819330265023457171034052804893"
            },
            "id": "PUB-A-262236273-6ccb687f",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateTdlsDiscoverInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 424.0,
                "function_hash": "302268144275723282215237474613964667341"
            },
            "id": "PUB-A-262236273-72a47bd7",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateHs20IconQueryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 672.0,
                "function_hash": "222888601949521659693169645706244661099"
            },
            "id": "PUB-A-262236273-75a895db",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateAnqpQueryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 3553.0,
                "function_hash": "118019735852887394048568976088613166868"
            },
            "id": "PUB-A-262236273-87c6351a",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/p2p_iface.cpp",
                "function": "P2pIface::addGroupWithConfigInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 461.0,
                "function_hash": "9612674215676627984640536271814398902"
            },
            "id": "PUB-A-262236273-91016366",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateTdlsSetupInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 537.0,
                "function_hash": "251277092963258719819988234584216547557"
            },
            "id": "PUB-A-262236273-ca91f56d",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/p2p_iface.cpp",
                "function": "P2pIface::provisionDiscoveryInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1417.0,
                "function_hash": "23404326539921386207545272978027900169"
            },
            "id": "PUB-A-262236273-d3d2958c",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::generateDppBootstrapInfoForResponderInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "108313089334327937595636589997524737905",
                    "66840887000484404323921320035452788215",
                    "219717861291424890984424019376547388571",
                    "44896243708100406615835794888652299551",
                    "108313089334327937595636589997524737905",
                    "66840887000484404323921320035452788215",
                    "119966804988596060753854524323008774240",
                    "153604098853226158544591461503264384829",
                    "108313089334327937595636589997524737905",
                    "66840887000484404323921320035452788215",
                    "119966804988596060753854524323008774240",
                    "153604098853226158544591461503264384829",
                    "213776302724071626336886735033271865367",
                    "111127769627793226434270712715727975740",
                    "185587857298398648800638886100378496896",
                    "11051987560156314982525484614039640730",
                    "138136018535094028760656810696393132256",
                    "242559769715913450717656652795026906173",
                    "220163884289595045272493767027284266292",
                    "186159613295524858348311536973943924232",
                    "97920612003950030480333138944478168364",
                    "106416219480024751751259025809335167026",
                    "98678616116437698904132115913139234778",
                    "262093932907482226702908105462070957040",
                    "179785536207578963771599860683453035709",
                    "306454131221479826909148403651925784495",
                    "94508611683518420978877184414880182032",
                    "198629720058014996525008381472581916452",
                    "83757367880493119121683389931198569683",
                    "31274133583577273158273533047343986777",
                    "19101203741728346271706693008717644004",
                    "210125636254096168817574411616794081904",
                    "321029893561082877086623895468503904177",
                    "74013402360008246287580570831392352661",
                    "140269204791012767623566618777651021530",
                    "123308398843050064060681011537122893696",
                    "265977110554366842733255150657799530232",
                    "74013402360008246287580570831392352661",
                    "140269204791012767623566618777651021530",
                    "108028509933157452795677691037514741083",
                    "16645525397261761350351177096480169880",
                    "257760521617479987513025030407880082978",
                    "14183314491399266848601277807740484092"
                ]
            },
            "id": "PUB-A-262236273-d5cd277c",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 428.0,
                "function_hash": "57178098856143511217138945353437811603"
            },
            "id": "PUB-A-262236273-e5ba3c5e",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::startWpsPinDisplayInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 478.0,
                "function_hash": "270479948021175522507269756789778107231"
            },
            "id": "PUB-A-262236273-f3ec27a3",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::initiateTdlsTeardownInternal"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 304.0,
                "function_hash": "264951205164416993651860207899884527381"
            },
            "id": "PUB-A-262236273-fa57f73f",
            "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "wpa_supplicant/aidl/sta_iface.cpp",
                "function": "StaIface::startWpsPbcInternal"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate",
    "types": [
        "EoP"
    ]
}