In binder_transaction of binder.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"vanir_signatures": [
{
"id": "ASB-A-352520660-2ac62b41",
"signature_type": "Function",
"digest": {
"length": 18013.0,
"function_hash": "104350902273562953596098694912734147909"
},
"source": "https://android.googlesource.com/kernel/common/+/c2201dde2a76788b5b7a75426e53a58e1490a028",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-35c21aa1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/b42ed94769088450987f2b52f41a3fb274244827",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-3ce7c5be",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/f4e5b5151e55932279287c55d4e4a801fbf1df96",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-4caecefe",
"signature_type": "Function",
"digest": {
"length": 17774.0,
"function_hash": "12085335973923029868560151051282433776"
},
"source": "https://android.googlesource.com/kernel/common/+/f4e5b5151e55932279287c55d4e4a801fbf1df96",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-51de2d94",
"signature_type": "Function",
"digest": {
"length": 20332.0,
"function_hash": "235222454460835599941035140580137942606"
},
"source": "https://android.googlesource.com/kernel/common/+/b42ed94769088450987f2b52f41a3fb274244827",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-52a0d742",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/c2201dde2a76788b5b7a75426e53a58e1490a028",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-54fb9111",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/370ea8bc2e0b1c4880c41bbfc2b01bac973209b9",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-57f8b180",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/ae7e5da1cae2b6be45f7c6ab6a70d35f6e532d5a",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-80d84122",
"signature_type": "Function",
"digest": {
"length": 18055.0,
"function_hash": "26201428169686979003502332237103000119"
},
"source": "https://android.googlesource.com/kernel/common/+/135a19cfad1e5e9c1db63970df743c28f5dd74c8",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-8116079d",
"signature_type": "Function",
"digest": {
"length": 18269.0,
"function_hash": "134030630356211660644016878613318183524"
},
"source": "https://android.googlesource.com/kernel/common/+/6a1de5f5d37141467efb9e5d9b3844a19f9990a9",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-811c79d9",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/30efc10dfe20bbf7410adb3d756106f365ac75cc",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-9bfe6af8",
"signature_type": "Function",
"digest": {
"length": 18187.0,
"function_hash": "266630354378468398294554775889965658084"
},
"source": "https://android.googlesource.com/kernel/common/+/ae7e5da1cae2b6be45f7c6ab6a70d35f6e532d5a",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-d0dc8d2a",
"signature_type": "Function",
"digest": {
"length": 20220.0,
"function_hash": "335815782176887932271238368181408598136"
},
"source": "https://android.googlesource.com/kernel/common/+/370ea8bc2e0b1c4880c41bbfc2b01bac973209b9",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-da87085d",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/135a19cfad1e5e9c1db63970df743c28f5dd74c8",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-eb42badc",
"signature_type": "Line",
"digest": {
"line_hashes": [
"51888937389919906871644406365993764050",
"315719652939985718370173453336879978828",
"306596573906054325073390756280075125039",
"132267424506088119725110653472980559623"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/6a1de5f5d37141467efb9e5d9b3844a19f9990a9",
"target": {
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "ASB-A-352520660-ff81ab80",
"signature_type": "Function",
"digest": {
"length": 18521.0,
"function_hash": "256859784912828081331698653568560448651"
},
"source": "https://android.googlesource.com/kernel/common/+/30efc10dfe20bbf7410adb3d756106f365ac75cc",
"target": {
"function": "binder_transaction",
"file": "drivers/android/binder.c"
},
"signature_version": "v1",
"deprecated": false
}
],
"severity": "High",
"types": [
"EoP"
],
"spl": "2024-11-05",
"fixes": [
"https://android.googlesource.com/kernel/common/+/f4e5b5151e55932279287c55d4e4a801fbf1df96",
"https://android.googlesource.com/kernel/common/+/135a19cfad1e5e9c1db63970df743c28f5dd74c8",
"https://android.googlesource.com/kernel/common/+/c2201dde2a76788b5b7a75426e53a58e1490a028",
"https://android.googlesource.com/kernel/common/+/6a1de5f5d37141467efb9e5d9b3844a19f9990a9",
"https://android.googlesource.com/kernel/common/+/ae7e5da1cae2b6be45f7c6ab6a70d35f6e532d5a",
"https://android.googlesource.com/kernel/common/+/30efc10dfe20bbf7410adb3d756106f365ac75cc",
"https://android.googlesource.com/kernel/common/+/370ea8bc2e0b1c4880c41bbfc2b01bac973209b9",
"https://android.googlesource.com/kernel/common/+/b42ed94769088450987f2b52f41a3fb274244827"
]
}