In Parsewave of easmdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 1088.0, "function_hash": "70004419322198664562718789362116696242" }, "id": "ASB-A-150159669-2638139e", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_ptbl" }, "signature_type": "Function" }, { "digest": { "length": 824.0, "function_hash": "314843587702427684691367451123225988324" }, "id": "ASB-A-150159669-67a707db", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lrgn" }, "signature_type": "Function" }, { "digest": { "length": 2457.0, "function_hash": "169242754845313623448940926297571908202" }, "id": "ASB-A-150159669-682eb564", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_rgn" }, "signature_type": "Function" }, { "digest": { "length": 520.0, "function_hash": "225007498631071085808511661137921002709" }, "id": "ASB-A-150159669-9c19c32f", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lins" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "181829900119039477748077015636613502105", "275044922620282737198137493696043620510", "161414357728343601533595728216280844945", "225226006498603879136487070114940970175", "327898272321048511827431997499515651495", "195343915250230334822997243566450755159", "40372055926465743164709369153025518287", "28868159654609936766653126901200468324", "80578402922742619994225376658138454899", "162651561295090071018388869952279649115", "223672488514811391834808779992673668364", "76241524776169937808472891474266439374", "168400085527804080727041962341408644038", "52835498832227710783626282201795988401" ] }, "id": "ASB-A-150159669-f29885d6", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559" ], "spl": "2020-09-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "length": 824.0, "function_hash": "314843587702427684691367451123225988324" }, "id": "ASB-A-150159669-3d285403", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lrgn" }, "signature_type": "Function" }, { "digest": { "length": 2457.0, "function_hash": "169242754845313623448940926297571908202" }, "id": "ASB-A-150159669-b747441a", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_rgn" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "181829900119039477748077015636613502105", "275044922620282737198137493696043620510", "161414357728343601533595728216280844945", "225226006498603879136487070114940970175", "327898272321048511827431997499515651495", "195343915250230334822997243566450755159", "40372055926465743164709369153025518287", "28868159654609936766653126901200468324", "80578402922742619994225376658138454899", "162651561295090071018388869952279649115", "223672488514811391834808779992673668364", "76241524776169937808472891474266439374", "168400085527804080727041962341408644038", "52835498832227710783626282201795988401" ] }, "id": "ASB-A-150159669-c43b1690", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c" }, "signature_type": "Line" }, { "digest": { "length": 520.0, "function_hash": "225007498631071085808511661137921002709" }, "id": "ASB-A-150159669-ee2c503e", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lins" }, "signature_type": "Function" }, { "digest": { "length": 1088.0, "function_hash": "70004419322198664562718789362116696242" }, "id": "ASB-A-150159669-f9a02b98", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_ptbl" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559" ], "spl": "2020-09-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "length": 1088.0, "function_hash": "70004419322198664562718789362116696242" }, "id": "ASB-A-150159669-5032327e", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_ptbl" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "181829900119039477748077015636613502105", "275044922620282737198137493696043620510", "161414357728343601533595728216280844945", "225226006498603879136487070114940970175", "327898272321048511827431997499515651495", "195343915250230334822997243566450755159", "40372055926465743164709369153025518287", "28868159654609936766653126901200468324", "80578402922742619994225376658138454899", "162651561295090071018388869952279649115", "223672488514811391834808779992673668364", "76241524776169937808472891474266439374", "168400085527804080727041962341408644038", "52835498832227710783626282201795988401" ] }, "id": "ASB-A-150159669-ac09d17d", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c" }, "signature_type": "Line" }, { "digest": { "length": 2457.0, "function_hash": "169242754845313623448940926297571908202" }, "id": "ASB-A-150159669-c9dd551f", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_rgn" }, "signature_type": "Function" }, { "digest": { "length": 824.0, "function_hash": "314843587702427684691367451123225988324" }, "id": "ASB-A-150159669-db346c6c", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lrgn" }, "signature_type": "Function" }, { "digest": { "length": 520.0, "function_hash": "225007498631071085808511661137921002709" }, "id": "ASB-A-150159669-ddc4ae4b", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lins" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559" ], "spl": "2020-09-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "length": 1088.0, "function_hash": "70004419322198664562718789362116696242" }, "id": "ASB-A-150159669-24b70045", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_ptbl" }, "signature_type": "Function" }, { "digest": { "length": 824.0, "function_hash": "314843587702427684691367451123225988324" }, "id": "ASB-A-150159669-66296009", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lrgn" }, "signature_type": "Function" }, { "digest": { "length": 2457.0, "function_hash": "169242754845313623448940926297571908202" }, "id": "ASB-A-150159669-dfbccad1", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_rgn" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "181829900119039477748077015636613502105", "275044922620282737198137493696043620510", "161414357728343601533595728216280844945", "225226006498603879136487070114940970175", "327898272321048511827431997499515651495", "195343915250230334822997243566450755159", "40372055926465743164709369153025518287", "28868159654609936766653126901200468324", "80578402922742619994225376658138454899", "162651561295090071018388869952279649115", "223672488514811391834808779992673668364", "76241524776169937808472891474266439374", "168400085527804080727041962341408644038", "52835498832227710783626282201795988401" ] }, "id": "ASB-A-150159669-e7d98f51", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c" }, "signature_type": "Line" }, { "digest": { "length": 520.0, "function_hash": "225007498631071085808511661137921002709" }, "id": "ASB-A-150159669-f659370d", "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559", "deprecated": false, "signature_version": "v1", "target": { "file": "arm-wt-22k/lib_src/eas_mdls.c", "function": "Parse_lins" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559" ], "spl": "2020-09-01", "severity": "High", "types": [ "ID" ] }