ASB-A-175193031
See a problem?- Import Source
- https://storage.googleapis.com/android-osv-test/ASB-A-175193031.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-175193031
- Aliases
-
- A-175193031
- CVE-2020-14381
- Published
- 2021-08-01T00:00:00Z
- Modified
- 2024-09-19T16:27:49.277558Z
- Summary
- Android Vomit Report
- Details
-
In futexsetuptimer and related functions of futex.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 365.0,
"function_hash": "282028673913705372080548951146152483629"
},
"id": "ASB-A-175193031-060c2605",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "kernel/futex.c",
"function": "get_futex_key_refs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"225841678817929804105344848207817203727",
"241936174136776133829250901711474255239",
"83691230565593305391621373308776520282",
"317408987809827657721927393510666747361"
]
},
"id": "ASB-A-175193031-0b1e0cfa",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "include/linux/fs.h"
},
"signature_type": "Line"
},
{
"digest": {
"length": 358.0,
"function_hash": "256967322258109938079540545875429673376"
},
"id": "ASB-A-175193031-3b71fe5f",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "kernel/futex.c",
"function": "drop_futex_key_refs"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"230744971195401288130627191547954842823",
"211127357769710341211336505123840086203",
"223896465548815511929732416192874484212",
"195211789378707427530363712531941152443",
"27213064731481272809241883819707334080",
"202404361305839365860301863658895764391",
"83822538963803172961150238880216516888",
"135422197697941568751249559187827700582",
"101870871030793852761589874639816271120",
"123884775452490913074377838750592379955",
"146732311113055482652018525674129277052",
"114952950682114127151436562538516442992",
"251856903832989451948821676129667668721",
"9640809441899830722058250453081542185",
"306014243791964214160361273551987327733",
"114643466419988552477100819623107863030",
"189133146165400672977871200733128576001",
"319648815059471282394804370335203257405",
"23947681010449533293521396795715034199",
"172029134429723997899540937363532015349",
"267576497048180801712971195444989451561",
"192751111435224228590908869342281583875",
"281794845464170717671969943442942908295",
"317774558663308463005369364169594256402",
"284910707618624202955147741024928021517",
"137152916533273283007371937256895584705",
"14440142934350694891750584554079577740",
"284824107555072767724379551301905605227",
"53089509811906778133369099335059308795",
"212586052990105367349220776620889644803",
"325653622803805233355656729939045730833",
"314382843384342374749507079552120999213",
"260923458147121407760795272648310252665",
"60069556135846207280891853717944915510"
]
},
"id": "ASB-A-175193031-6fd116f8",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "kernel/futex.c"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"111452198812326913730550942143857210815",
"87766513542484278407272696616802886018",
"15484196665771149059508317911677159500",
"90228417295428278250578187220276270997",
"147712307941903208843395870608426226108",
"212706926981469402678408146791062140167",
"276926196982029909468235867557785073289",
"224688884671022097837423789854950299692",
"220310317394217939780448604728947110652",
"105245571931909190354756280054953557774",
"131019882807181507805285072110519253213",
"265681283274407437668067939032827246681",
"250196792535479318812781168825484490889",
"112855155136791911856029834773871273206",
"287995816502077079244322662322416315840",
"43819587969497763002331070427534702921",
"3837322148247977244258777468079800650",
"32874732896297290009978364591559677067",
"150853477666196706619459834561079105242"
]
},
"id": "ASB-A-175193031-7a153f5d",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "include/linux/futex.h"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1949.0,
"function_hash": "224703122958689725050710268330769074607"
},
"id": "ASB-A-175193031-8353b085",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "kernel/futex.c",
"function": "get_futex_key"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1992.0,
"function_hash": "217181746816137931412715083531560112179"
},
"id": "ASB-A-175193031-f31063e4",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "fs/inode.c",
"function": "inode_init_always"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"260187947260637658878704936142273918549",
"322288179877911543514123641936100429501",
"339597281592852085992351917251310976998",
"76123908760051706359067459854941600762"
]
},
"id": "ASB-A-175193031-f6e75b95",
"source": "https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "fs/inode.c"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/kernel/common/+/8019ad13ef7f64be44d4f892af9c840179009254"
],
"spl": "2021-08-05",
"severity": "High",
"types": [
"EoP"
]
}