ASB-A-159625731

See a problem?

Import Source

https://storage.googleapis.com/android-osv-test/ASB-A-159625731.json

JSON Data

https://api.test.osv.dev/v1/vulns/ASB-A-159625731

Aliases

A-159625731
CVE-2020-0452

Published

2020-11-01T00:00:00Z

Modified

2024-10-23T16:43:06.926828Z

Summary

[none]

Details

In exifentryget_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/external/libexif

Package

Name: platform/external/libexif

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.0:0

Fixed

8.0:2020-11-01

Affected versions

8.*

8.0

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "284322438145339945043720915456140922165",
                    "93281639976837326739273976352982873884",
                    "18325982235928269788913677721160134997",
                    "288125191916546280087425276079803197919",
                    "61811470730497895629839865950923936795",
                    "85008742746889107741124549964262222027",
                    "320703541205510993089784264294519513012",
                    "174698835426192614860996725383857514855"
                ]
            },
            "id": "ASB-A-159625731-5ebe907f",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 17254.0,
                "function_hash": "186927656669605676165013706879416711535"
            },
            "id": "ASB-A-159625731-b7a97a2a",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c",
                "function": "exif_entry_get_value"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b"
    ],
    "spl": "2020-11-01",
    "severity": "High",
    "types": [
        "RCE"
    ]
}

Android / platform/external/libexif

Package

Name: platform/external/libexif

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.1:0

Fixed

8.1:2020-11-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "284322438145339945043720915456140922165",
                    "93281639976837326739273976352982873884",
                    "18325982235928269788913677721160134997",
                    "288125191916546280087425276079803197919",
                    "61811470730497895629839865950923936795",
                    "85008742746889107741124549964262222027",
                    "320703541205510993089784264294519513012",
                    "174698835426192614860996725383857514855"
                ]
            },
            "id": "ASB-A-159625731-2be2104e",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 17254.0,
                "function_hash": "186927656669605676165013706879416711535"
            },
            "id": "ASB-A-159625731-fab1a3da",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c",
                "function": "exif_entry_get_value"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b"
    ],
    "spl": "2020-11-01",
    "severity": "High",
    "types": [
        "RCE"
    ]
}

Android / platform/external/libexif

Package

Name: platform/external/libexif

Affected ranges

Type: ECOSYSTEM
Events: Introduced

9:0

Fixed

9:2020-11-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 17254.0,
                "function_hash": "186927656669605676165013706879416711535"
            },
            "id": "ASB-A-159625731-2afcc349",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c",
                "function": "exif_entry_get_value"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "284322438145339945043720915456140922165",
                    "93281639976837326739273976352982873884",
                    "18325982235928269788913677721160134997",
                    "288125191916546280087425276079803197919",
                    "61811470730497895629839865950923936795",
                    "85008742746889107741124549964262222027",
                    "320703541205510993089784264294519513012",
                    "174698835426192614860996725383857514855"
                ]
            },
            "id": "ASB-A-159625731-6d105974",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b"
    ],
    "spl": "2020-11-01",
    "severity": "High",
    "types": [
        "RCE"
    ]
}

Android / platform/external/libexif

Package

Name: platform/external/libexif

Affected ranges

Type: ECOSYSTEM
Events: Introduced

10:0

Fixed

10:2020-11-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 17254.0,
                "function_hash": "186927656669605676165013706879416711535"
            },
            "id": "ASB-A-159625731-33a217bb",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c",
                "function": "exif_entry_get_value"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "284322438145339945043720915456140922165",
                    "93281639976837326739273976352982873884",
                    "18325982235928269788913677721160134997",
                    "288125191916546280087425276079803197919",
                    "61811470730497895629839865950923936795",
                    "85008742746889107741124549964262222027",
                    "320703541205510993089784264294519513012",
                    "174698835426192614860996725383857514855"
                ]
            },
            "id": "ASB-A-159625731-5c846af4",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b"
    ],
    "spl": "2020-11-01",
    "severity": "High",
    "types": [
        "RCE"
    ]
}

Android / platform/external/libexif

Package

Name: platform/external/libexif

Affected ranges

Type: ECOSYSTEM
Events: Introduced

11:0

Fixed

11:2020-11-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 17254.0,
                "function_hash": "186927656669605676165013706879416711535"
            },
            "id": "ASB-A-159625731-3afe2825",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c",
                "function": "exif_entry_get_value"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "284322438145339945043720915456140922165",
                    "93281639976837326739273976352982873884",
                    "18325982235928269788913677721160134997",
                    "288125191916546280087425276079803197919",
                    "61811470730497895629839865950923936795",
                    "85008742746889107741124549964262222027",
                    "320703541205510993089784264294519513012",
                    "174698835426192614860996725383857514855"
                ]
            },
            "id": "ASB-A-159625731-90aa32a5",
            "source": "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libexif/exif-entry.c"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b"
    ],
    "spl": "2020-11-01",
    "severity": "High",
    "types": [
        "RCE"
    ]
}