ASB-A-342490466
See a problem?- Import Source
- https://storage.googleapis.com/android-osv-test/ASB-A-342490466.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ASB-A-342490466
- Aliases
-
- A-342490466
- CVE-2024-36972
- Published
- 2024-09-01T00:00:00Z
- Modified
- 2025-08-06T16:29:06.385449Z
- Summary
- [none]
- Details
-
In multiple functions of af_unix.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2024-09-01
- https://android.googlesource.com/kernel/common/+/3169d3641a8f6e1c2c61c328d171665c5ec65780
- https://android.googlesource.com/kernel/common/+/5c86c33a36e96a7ef91645d41dd3bf2ece19a8ca
- https://android.googlesource.com/kernel/common/+/685a016cdeac2b7f1d968c6b56e698547976e10d
- https://android.googlesource.com/kernel/common/+/30d168eb06cd8bd51d5cbf9c374b8bc6b667d7f6
- https://android.googlesource.com/kernel/common/+/0e9ee9221f28d842f9d764cf4ce1e600a62470a7
- https://android.googlesource.com/kernel/common/+/de6fb073c606c19695893b874c005741fa4c0f06
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/kernel/common/+/3169d3641a8f6e1c2c61c328d171665c5ec65780",
"https://android.googlesource.com/kernel/common/+/5c86c33a36e96a7ef91645d41dd3bf2ece19a8ca",
"https://android.googlesource.com/kernel/common/+/685a016cdeac2b7f1d968c6b56e698547976e10d",
"https://android.googlesource.com/kernel/common/+/30d168eb06cd8bd51d5cbf9c374b8bc6b667d7f6",
"https://android.googlesource.com/kernel/common/+/0e9ee9221f28d842f9d764cf4ce1e600a62470a7",
"https://android.googlesource.com/kernel/common/+/de6fb073c606c19695893b874c005741fa4c0f06"
],
"types": [
"EoP"
],
"spl": "2024-09-05",
"vanir_signatures": [
{
"signature_type": "Function",
"id": "ASB-A-342490466-10fbaa7d",
"target": {
"file": "net/unix/af_unix.c",
"function": "manage_oob"
},
"digest": {
"function_hash": "148701938685513132065393457904920098343",
"length": 744.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/0e9ee9221f28d842f9d764cf4ce1e600a62470a7",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-16274f92",
"target": {
"file": "net/unix/af_unix.c",
"function": "unix_stream_recv_urg"
},
"digest": {
"function_hash": "273387260747125013363523233215867240594",
"length": 739.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/685a016cdeac2b7f1d968c6b56e698547976e10d",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-19abd8a9",
"target": {
"file": "net/unix/af_unix.c",
"function": "manage_oob"
},
"digest": {
"function_hash": "161989691304211948289155966666614842311",
"length": 666.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/30d168eb06cd8bd51d5cbf9c374b8bc6b667d7f6",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-1bf06a10",
"target": {
"file": "net/unix/af_unix.c",
"function": "manage_oob"
},
"digest": {
"function_hash": "161989691304211948289155966666614842311",
"length": 666.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/3169d3641a8f6e1c2c61c328d171665c5ec65780",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-1cd780a9",
"target": {
"file": "net/unix/af_unix.c",
"function": "manage_oob"
},
"digest": {
"function_hash": "148701938685513132065393457904920098343",
"length": 744.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/5c86c33a36e96a7ef91645d41dd3bf2ece19a8ca",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-3f1aac73",
"target": {
"file": "net/unix/af_unix.c",
"function": "unix_stream_recv_urg"
},
"digest": {
"function_hash": "273387260747125013363523233215867240594",
"length": 739.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/de6fb073c606c19695893b874c005741fa4c0f06",
"deprecated": false
},
{
"signature_type": "Line",
"id": "ASB-A-342490466-467eb092",
"target": {
"file": "net/unix/af_unix.c"
},
"digest": {
"line_hashes": [
"12898838854434221361955670346883413761",
"281187255283261416937856725587190512647",
"237358337270355387388643455243139204321",
"167923650163664176006824923318156752123",
"247852294358432210813258254439124024580",
"179778604200500332107620422529019221081",
"66644715695927273793846970684666063534",
"294418092756032165720546228699187998862",
"212883820182780206171431942048283618298",
"269276023515162350051815727144609272241",
"225076982735021379131672500614146713985",
"334277325818211399534449792333300745147"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/5c86c33a36e96a7ef91645d41dd3bf2ece19a8ca",
"deprecated": false
},
{
"signature_type": "Line",
"id": "ASB-A-342490466-5438a90f",
"target": {
"file": "net/unix/af_unix.c"
},
"digest": {
"line_hashes": [
"12898838854434221361955670346883413761",
"281187255283261416937856725587190512647",
"237358337270355387388643455243139204321",
"167923650163664176006824923318156752123",
"247852294358432210813258254439124024580",
"179778604200500332107620422529019221081",
"66644715695927273793846970684666063534",
"294418092756032165720546228699187998862",
"212883820182780206171431942048283618298",
"269276023515162350051815727144609272241",
"225076982735021379131672500614146713985",
"334277325818211399534449792333300745147"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/0e9ee9221f28d842f9d764cf4ce1e600a62470a7",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-5b4b8e90",
"target": {
"file": "net/unix/af_unix.c",
"function": "unix_stream_read_generic"
},
"digest": {
"function_hash": "60097453978575106304938121352532036748",
"length": 3371.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/5c86c33a36e96a7ef91645d41dd3bf2ece19a8ca",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-6ad310fc",
"target": {
"file": "net/unix/af_unix.c",
"function": "unix_stream_read_generic"
},
"digest": {
"function_hash": "60097453978575106304938121352532036748",
"length": 3371.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/0e9ee9221f28d842f9d764cf4ce1e600a62470a7",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-842a9819",
"target": {
"file": "net/unix/af_unix.c",
"function": "manage_oob"
},
"digest": {
"function_hash": "204840386611737069431911908430986124914",
"length": 762.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/de6fb073c606c19695893b874c005741fa4c0f06",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-84491598",
"target": {
"file": "net/unix/af_unix.c",
"function": "manage_oob"
},
"digest": {
"function_hash": "204840386611737069431911908430986124914",
"length": 762.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/685a016cdeac2b7f1d968c6b56e698547976e10d",
"deprecated": false
},
{
"signature_type": "Line",
"id": "ASB-A-342490466-8bedfc7a",
"target": {
"file": "net/unix/af_unix.c"
},
"digest": {
"line_hashes": [
"179904369906772442813952687533508936760",
"112877094314623297297532108694988313493",
"272044055355748369951572805757421426940",
"250191847698780052467595274490109004534"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/30d168eb06cd8bd51d5cbf9c374b8bc6b667d7f6",
"deprecated": false
},
{
"signature_type": "Line",
"id": "ASB-A-342490466-8e3829d2",
"target": {
"file": "net/unix/af_unix.c"
},
"digest": {
"line_hashes": [
"254304164795536250053127170783492138677",
"105462636328949246489903629108269668046",
"20573765473696067324831203188464769490",
"93832483395875750720796689483312547147",
"217780774133683158965324523859977731519",
"123215435071613848545107460336807057226",
"183142727679165382842700200721568998597",
"138051571796102409297802863785801489657",
"288484838968544984887739437775807415209",
"186019269047928716193985603977616600697",
"260693522245445690795225260964522969388",
"160081501034026980599823995568734046322",
"40305284401451820825613319017533599205",
"60532195400591136061990257697395378796",
"42821201480983946584326479636174284240",
"314639969027777242298588520473308271249",
"104288012559777059553736187259329671803",
"44265179350399165397171526591519960331",
"28612329891590521977152249056041237075",
"318925668682420257738872829661125961678",
"137172568043226062402333322073562116441",
"217083988873519472629542845744417000441",
"286067593580821388333339314075367549241",
"107129081346080638717275927934007700197",
"86944875138486024571549413838200342761",
"170660616878980343628198244979802036273",
"234557122560131040946338613905752951770",
"257990560573202138337444553177717994482",
"161065187970028706209042947438959079168",
"325960809431862154301076418446353217715",
"114146366935522974299599549901205903696"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/de6fb073c606c19695893b874c005741fa4c0f06",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-94486d9e",
"target": {
"file": "net/unix/af_unix.c",
"function": "queue_oob"
},
"digest": {
"function_hash": "78752625956467784290503026470283977553",
"length": 967.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/de6fb073c606c19695893b874c005741fa4c0f06",
"deprecated": false
},
{
"signature_type": "Function",
"id": "ASB-A-342490466-b9ae1d00",
"target": {
"file": "net/unix/af_unix.c",
"function": "queue_oob"
},
"digest": {
"function_hash": "78752625956467784290503026470283977553",
"length": 967.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/685a016cdeac2b7f1d968c6b56e698547976e10d",
"deprecated": false
},
{
"signature_type": "Line",
"id": "ASB-A-342490466-cdbd55b8",
"target": {
"file": "net/unix/af_unix.c"
},
"digest": {
"line_hashes": [
"254304164795536250053127170783492138677",
"105462636328949246489903629108269668046",
"20573765473696067324831203188464769490",
"93832483395875750720796689483312547147",
"217780774133683158965324523859977731519",
"123215435071613848545107460336807057226",
"183142727679165382842700200721568998597",
"138051571796102409297802863785801489657",
"288484838968544984887739437775807415209",
"186019269047928716193985603977616600697",
"260693522245445690795225260964522969388",
"160081501034026980599823995568734046322",
"40305284401451820825613319017533599205",
"60532195400591136061990257697395378796",
"42821201480983946584326479636174284240",
"314639969027777242298588520473308271249",
"104288012559777059553736187259329671803",
"44265179350399165397171526591519960331",
"28612329891590521977152249056041237075",
"318925668682420257738872829661125961678",
"137172568043226062402333322073562116441",
"217083988873519472629542845744417000441",
"286067593580821388333339314075367549241",
"107129081346080638717275927934007700197",
"86944875138486024571549413838200342761",
"170660616878980343628198244979802036273",
"234557122560131040946338613905752951770",
"257990560573202138337444553177717994482",
"161065187970028706209042947438959079168",
"325960809431862154301076418446353217715",
"114146366935522974299599549901205903696"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/685a016cdeac2b7f1d968c6b56e698547976e10d",
"deprecated": false
},
{
"signature_type": "Line",
"id": "ASB-A-342490466-f71c4b22",
"target": {
"file": "net/unix/af_unix.c"
},
"digest": {
"line_hashes": [
"179904369906772442813952687533508936760",
"112877094314623297297532108694988313493",
"272044055355748369951572805757421426940",
"250191847698780052467595274490109004534"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/kernel/common/+/3169d3641a8f6e1c2c61c328d171665c5ec65780",
"deprecated": false
}
]
}