ASB-A-150160041

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-150160041.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-150160041
Aliases
  • A-150160041
  • CVE-2020-0385
Published
2020-09-01T00:00:00Z
Modified
2024-08-07T19:29:47.904454Z
Summary
[libsonivox: heap-overflow-in-function-parse_rgn] - ASAN WRITE
Details

In Parseinsh of easmdls.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote information disclosure in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/external/sonivox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.0:0
Fixed
8.0:2020-09-01

Affected versions

8.*

8.0

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 520.0,
                "function_hash": "225007498631071085808511661137921002709"
            },
            "id": "ASB-A-150160041-30120bc7",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lins"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1088.0,
                "function_hash": "70004419322198664562718789362116696242"
            },
            "id": "ASB-A-150160041-48d2133e",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_ptbl"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 2457.0,
                "function_hash": "169242754845313623448940926297571908202"
            },
            "id": "ASB-A-150160041-49a080db",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_rgn"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181829900119039477748077015636613502105",
                    "275044922620282737198137493696043620510",
                    "161414357728343601533595728216280844945",
                    "225226006498603879136487070114940970175",
                    "327898272321048511827431997499515651495",
                    "195343915250230334822997243566450755159",
                    "40372055926465743164709369153025518287",
                    "28868159654609936766653126901200468324",
                    "80578402922742619994225376658138454899",
                    "162651561295090071018388869952279649115",
                    "223672488514811391834808779992673668364",
                    "76241524776169937808472891474266439374",
                    "168400085527804080727041962341408644038",
                    "52835498832227710783626282201795988401"
                ]
            },
            "id": "ASB-A-150160041-8a0c4c94",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 824.0,
                "function_hash": "314843587702427684691367451123225988324"
            },
            "id": "ASB-A-150160041-e78ef6d5",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lrgn"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559"
    ],
    "spl": "2020-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/external/sonivox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2020-09-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 824.0,
                "function_hash": "314843587702427684691367451123225988324"
            },
            "id": "ASB-A-150160041-81db167d",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lrgn"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 2457.0,
                "function_hash": "169242754845313623448940926297571908202"
            },
            "id": "ASB-A-150160041-8b49b611",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_rgn"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181829900119039477748077015636613502105",
                    "275044922620282737198137493696043620510",
                    "161414357728343601533595728216280844945",
                    "225226006498603879136487070114940970175",
                    "327898272321048511827431997499515651495",
                    "195343915250230334822997243566450755159",
                    "40372055926465743164709369153025518287",
                    "28868159654609936766653126901200468324",
                    "80578402922742619994225376658138454899",
                    "162651561295090071018388869952279649115",
                    "223672488514811391834808779992673668364",
                    "76241524776169937808472891474266439374",
                    "168400085527804080727041962341408644038",
                    "52835498832227710783626282201795988401"
                ]
            },
            "id": "ASB-A-150160041-8fdff28d",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 520.0,
                "function_hash": "225007498631071085808511661137921002709"
            },
            "id": "ASB-A-150160041-ce1b23cf",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lins"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1088.0,
                "function_hash": "70004419322198664562718789362116696242"
            },
            "id": "ASB-A-150160041-dced3d6d",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_ptbl"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559"
    ],
    "spl": "2020-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/external/sonivox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2020-09-01

Affected versions

Other

9

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181829900119039477748077015636613502105",
                    "275044922620282737198137493696043620510",
                    "161414357728343601533595728216280844945",
                    "225226006498603879136487070114940970175",
                    "327898272321048511827431997499515651495",
                    "195343915250230334822997243566450755159",
                    "40372055926465743164709369153025518287",
                    "28868159654609936766653126901200468324",
                    "80578402922742619994225376658138454899",
                    "162651561295090071018388869952279649115",
                    "223672488514811391834808779992673668364",
                    "76241524776169937808472891474266439374",
                    "168400085527804080727041962341408644038",
                    "52835498832227710783626282201795988401"
                ]
            },
            "id": "ASB-A-150160041-2af2797a",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 2457.0,
                "function_hash": "169242754845313623448940926297571908202"
            },
            "id": "ASB-A-150160041-9174798a",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_rgn"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1088.0,
                "function_hash": "70004419322198664562718789362116696242"
            },
            "id": "ASB-A-150160041-dda68bd5",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_ptbl"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 520.0,
                "function_hash": "225007498631071085808511661137921002709"
            },
            "id": "ASB-A-150160041-e8fecb81",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lins"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 824.0,
                "function_hash": "314843587702427684691367451123225988324"
            },
            "id": "ASB-A-150160041-f77f6012",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lrgn"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559"
    ],
    "spl": "2020-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/external/sonivox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2020-09-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "181829900119039477748077015636613502105",
                    "275044922620282737198137493696043620510",
                    "161414357728343601533595728216280844945",
                    "225226006498603879136487070114940970175",
                    "327898272321048511827431997499515651495",
                    "195343915250230334822997243566450755159",
                    "40372055926465743164709369153025518287",
                    "28868159654609936766653126901200468324",
                    "80578402922742619994225376658138454899",
                    "162651561295090071018388869952279649115",
                    "223672488514811391834808779992673668364",
                    "76241524776169937808472891474266439374",
                    "168400085527804080727041962341408644038",
                    "52835498832227710783626282201795988401"
                ]
            },
            "id": "ASB-A-150160041-375c0559",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 2457.0,
                "function_hash": "169242754845313623448940926297571908202"
            },
            "id": "ASB-A-150160041-69d0ca9e",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_rgn"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1088.0,
                "function_hash": "70004419322198664562718789362116696242"
            },
            "id": "ASB-A-150160041-c199f252",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_ptbl"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 824.0,
                "function_hash": "314843587702427684691367451123225988324"
            },
            "id": "ASB-A-150160041-d6c4565f",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lrgn"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 520.0,
                "function_hash": "225007498631071085808511661137921002709"
            },
            "id": "ASB-A-150160041-e3734ee6",
            "source": "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "arm-wt-22k/lib_src/eas_mdls.c",
                "function": "Parse_lins"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/sonivox/+/e689e94f3b7473497052e81d906a10a82407e559"
    ],
    "spl": "2020-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}