In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "63895250717123420297641002273223874522", "294427128970106098263378810741973477276", "23689469084458467884454099246961428641", "40041369669208508251054985713600028717", "131870776960916423165309979218873857527", "165667409842384484697599484314191813961", "60667836659051868458743621757815902733", "138454790325154849922723629197758925444", "87840694837720250126470788888092372476", "282075926108188103215179853131176140115", "299731467647186736247268646746127089844", "237140856347092246524592409619848551498", "149333264088716534671752851807630786910", "195609456339659767324711824689363829782", "237240001580756078276369380452826233184", "303825875427489110825298158308078487847", "267213603705728191936035718912155610927", "89158044670599540970050132598645846821" ] }, "id": "ASB-A-200041882-1373a5d6", "source": "https://android.googlesource.com/platform/frameworks/base/+/395e56a71c87d3748ca280f235da04983069de87", "deprecated": false, "signature_version": "v1", "target": { "file": "keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java" }, "signature_type": "Line" }, { "digest": { "length": 1777.0, "function_hash": "287817583073348075063627018514464567696" }, "id": "ASB-A-200041882-ce16c9f3", "source": "https://android.googlesource.com/platform/frameworks/base/+/395e56a71c87d3748ca280f235da04983069de87", "deprecated": false, "signature_version": "v1", "target": { "file": "keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java", "function": "update" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/395e56a71c87d3748ca280f235da04983069de87" ], "spl": "2021-12-01", "severity": "Moderate", "types": [ "DoS" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "296247381615706207940344218873979561406", "117914632088309752997507968849196862561", "296127060522419971491214502692124512607", "289605831318439964476066516728869475390", "246677525376236764731752077701042705914", "275394212812749307118547474173493168246", "150743742270153775574323177774337554644", "14510788412777461895624544256531122542", "270108042523112881788052144010558101792", "43914366029301982099248993372225136363", "92304254268092578088067572760309488687", "165331501407977169918564501036867129372", "172646350780875746062336910881553966872", "156320583609609716048373255473262654500", "188464575262330323982702135274694293938", "186648026298976972473366559225974820210", "26297471291680814041470058232411228257", "183477435670545106904388353096335975001", "96571061197215787766419045033778474359", "232758056508553985081029411056760457141", "219007454539755862411747402571348049678", "262132622474183740545779879592993130885" ] }, "id": "ASB-A-200041882-5a27b434", "source": "https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3", "deprecated": false, "signature_version": "v1", "target": { "file": "keystore2/src/km_compat/km_compat.cpp" }, "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "191457518975892954429420437395054367537", "55921400531954652432818226400380192261", "294121662116713340914746920978361905691", "263450118387933674872164299383355782964", "116462961127653278057920658998514115935", "221906624880504727863042671492829109410", "298415771029044292149912867544885778593", "135496493869402731336487378667975788889", "160535297822301536978066717815325024760", "217928048407434328421568135233871840142", "75766592965099032473761074138347594446" ] }, "id": "ASB-A-200041882-e79739a5", "source": "https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3", "deprecated": false, "signature_version": "v1", "target": { "file": "keystore2/src/km_compat/km_compat.h" }, "signature_type": "Line" }, { "digest": { "length": 894.0, "function_hash": "82284854177447888888080578493938680824" }, "id": "ASB-A-200041882-f697c9d1", "source": "https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3", "deprecated": false, "signature_version": "v1", "target": { "file": "keystore2/src/km_compat/km_compat.cpp", "function": "KeyMintOperation::update" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/system/security/+/b7f303146fecc166260aced8de677dfc7322f7a3" ], "spl": "2021-12-01", "severity": "Moderate", "types": [ "DoS" ] }