PUB-A-174302683

See a problem?
Import Source
https://storage.googleapis.com/android-osv-test/PUB-A-174302683.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-174302683
Aliases
Published
2021-06-01T00:00:00Z
Modified
2024-10-23T16:43:06.926828Z
Summary
[none]
Details

In appendtoverifyfifointerleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/external/flac

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-06-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 1636.0,
                "function_hash": "69340343083601748657416805148163666540"
            },
            "id": "PUB-A-174302683-4d8ef586",
            "source": "https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libFLAC/stream_encoder.c",
                "function": "write_bitbuffer_"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "308515609129822083404769785577559681842",
                    "122343089576385096823581201290995179700",
                    "111761874591500673215426373446663132174",
                    "110080742025860690318431060099634259432"
                ]
            },
            "id": "PUB-A-174302683-cef0008b",
            "source": "https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "libFLAC/stream_encoder.c"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f"
    ],
    "spl": "2021-06-01",
    "severity": "Moderate",
    "types": [
        "ID"
    ]
}