PUB-A-188883590

See a problem?
Import Source
https://storage.googleapis.com/android-osv-test/PUB-A-188883590.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-188883590
Aliases
Published
2021-12-01T00:00:00Z
Modified
2024-09-19T16:27:58.110664Z
Summary
Android Vomit Report
Details

In llcpsockbind/connect of llcp_sock.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / :linux_kernel:

Package

Name
:linux_kernel:

Affected ranges

Type
ECOSYSTEM
Events
Introduced
:0
Fixed
:2021-12-05

Affected versions

Other

Kernel

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "311094159527864628640556853982591429526",
                    "203292252911839515088011983804166653463",
                    "308573746362083104035073468352641602010",
                    "5279465986961289992332284036729216628",
                    "85575399929900907337989227198497564042",
                    "126171394193079237581312123621842699727",
                    "288547535770063650017500347390234957222",
                    "149409826401548706840558205560670734961",
                    "166002976706544160484421132193625339354",
                    "44404290750259019290273165593457701535",
                    "84182691138410624671421697158134401692",
                    "136914315875162032102166272494007540277",
                    "38929964334056905252990502398175936064",
                    "5279465986961289992332284036729216628",
                    "53389377917570243283987578637839388379",
                    "98390281507922327696085971841354854994",
                    "175263582922151470655635921516058473873",
                    "137566750082232521716198589159339969188"
                ]
            },
            "id": "PUB-A-188883590-2a529ed9",
            "source": "https://android.googlesource.com/kernel/common/+/c61760e6940d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "net/nfc/llcp_sock.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1641.0,
                "function_hash": "257256339786181560469811602584949137300"
            },
            "id": "PUB-A-188883590-5fd903ce",
            "source": "https://android.googlesource.com/kernel/common/+/c61760e6940d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "net/nfc/llcp_sock.c",
                "function": "llcp_sock_bind"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 2419.0,
                "function_hash": "156832375398182454174429829983129193647"
            },
            "id": "PUB-A-188883590-965cb533",
            "source": "https://android.googlesource.com/kernel/common/+/c61760e6940d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "net/nfc/llcp_sock.c",
                "function": "llcp_sock_connect"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/kernel/common/+/c61760e6940d"
    ],
    "spl": "2021-12-05",
    "severity": "Moderate",
    "types": [
        "EoP"
    ]
}