PUB-A-260709824
See a problem?- Import Source
- https://storage.googleapis.com/android-osv-test/PUB-A-260709824.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-260709824
- Aliases
-
- A-260709824
- CVE-2022-40303
- Published
- 2023-03-01T00:00:00Z
- Modified
- 2024-10-23T16:43:06.926828Z
- Summary
- [none]
- Details
-
In multiple functions of parser.c, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/external/libxml2
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 3554.0,
"function_hash": "295704980843758919418728197031397437394"
},
"id": "PUB-A-260709824-01faf41b",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseComment"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"100899283102114949410214263805758939910",
"174826104839170052127253863263029079066",
"62314279189072647234965375110685906554",
"112642957555336915895100671935048868512",
"298696478748702488869699548278435620755",
"286299562059020370926804001778761327893",
"247943075959208415850395246716971777652",
"311552413482930098912232402594371346166",
"66088470890422110618914414316028949271",
"248065319054847216664801148427841336265",
"139099025190206051474236541650746051404",
"255454742954463397006780519816618730489",
"142423831638253234338857721045131175976",
"46089661540869827479878348444726831834",
"142251772290142940315333018644478744472",
"255454742954463397006780519816618730489",
"142423831638253234338857721045131175976",
"46089661540869827479878348444726831834",
"142251772290142940315333018644478744472",
"241511410560408433785797025586857663004",
"112035375365758817616786326128388772602",
"245407095869444675346437084850801765220",
"176198400665249668566010014416744033384",
"66412352937927813626985636704895282461",
"4638933523313820251889122397867935822",
"14544875951476391361341118382511456431",
"240649236059874300012002342908737093332",
"183193690124507477706462880336236606167",
"108266467293046629762026330792846347817",
"263797154994055354203230149257813732790",
"232419217428927870217688200864724387178",
"201301559396149104547198795510817106978",
"185358271352204100990688161385017081426",
"4638933523313820251889122397867935822",
"74315568727398958517311932485753176033",
"206019899256308650551116209117650136444",
"311505270387245725234255727909690003701",
"89814062796132878943086217357193784969",
"150507196075753797089124206786868093435",
"298489604226832636828343790481431440135",
"269715371770098870879450053753606171860",
"225073844836707542852993777063000035433",
"177561443483749773951206225478918809364",
"219889457584679005123875011795002130098",
"101675930138757319917976998220622812130",
"309497709411937048287846282075278383173",
"52549199186299651152682707572107794626",
"188350864752504826297886633187886820536",
"255454742954463397006780519816618730489",
"142423831638253234338857721045131175976",
"46089661540869827479878348444726831834",
"157597224603136386282450988069217476870",
"112035375365758817616786326128388772602",
"245407095869444675346437084850801765220",
"225465999537327367420041708158973899430",
"225073844836707542852993777063000035433",
"177561443483749773951206225478918809364",
"199286384336056441263045073027512646497",
"193376004355795890061842007836180978480",
"259910215091664828754241400471017578889",
"138475464729033612268780102366423144096",
"146727868662847597736072021860868916701",
"232419217428927870217688200864724387178",
"149744171567387000867275568518948421800",
"44598899784099860858515377321610861583",
"177561443483749773951206225478918809364",
"89192864211824046374502528598869670892",
"278206661349347191644867755320973930694",
"17758782942479604979947227961353752690",
"201728915483735539517021691947395640813",
"24963743375791508479760103733804895517",
"306567096602146661326911491076648703867",
"118810348760874207889201332561523567042",
"185935045227073977094199782946722760463",
"118928600370850308125883348105329125551",
"261453551912442653327441115395242518277",
"239669946921730864217920526520893733622",
"189917480170159306221864966471879371508",
"202236171834661227031905285683598268327",
"120411617203415084740700110370319217441",
"149696447319480367190329947296677997138",
"154780335210219901362932471388472319449",
"321060595530355356637975306906286504428",
"281160245858485446105206368239557869481",
"90478689002414557341207955516665688473",
"200302246110116257530279331695636933761",
"282143602228051288185689572816221115009",
"245407095869444675346437084850801765220",
"225465999537327367420041708158973899430",
"225073844836707542852993777063000035433",
"177561443483749773951206225478918809364",
"296260258020980354418349366939483616996",
"66088470890422110618914414316028949271",
"59050271001291934191908595799016936263",
"338807971304989060936485460322199582471",
"262253746672769074195046325841425750870",
"155055690212466443418627648137411207785",
"300179590163779261067298548184702501497",
"207866450124802030483200684161808353717",
"17291674066415412416824700705495935973",
"210218858056003987808782435130580722222",
"239669946921730864217920526520893733622",
"189917480170159306221864966471879371508",
"202236171834661227031905285683598268327",
"195101878851573630708679308404837234923",
"211611035001628970350280741632546421111",
"255250968937589857619862262977035969120",
"150246014525032242671314582315914197632",
"130366246986869237326013730266692969934",
"207477300269421405645674516097627039363",
"6955404010715479873830385533360586694",
"78046017978526052524118457318231740378",
"320290028137536234977105904690283860092",
"140073127954721460062977526202866892255",
"16409803727077366361911007369450955780",
"78787916950052614257061466072715918630",
"191745025093054870428072019271425715750",
"298375920623273839394326419378517551130",
"328070123611320697851549887841226014498",
"337785188318325391978249511986875752312",
"126879091229931113127946533821329684419",
"208613640018356858071726536145950810954",
"45360272088381985468373023001174263574",
"122003332983231836083907027990715311512",
"307360721974176000801536605725975769175",
"132269520444051123087280067889868979982",
"298629884645482387945798964068684116765",
"131478362414989509111081753911041595188",
"175503966912397894360861976800151811374",
"304206737356444836461058594079451739640",
"156014843339094123498236260485620082171",
"65387897360338364091594339720576195020",
"34205822691517390998711675677836560652",
"280848017034332268013176808192735798614",
"114673306789455057104084903172272964440",
"328349718121924707327146212049546675748",
"63736601674330777984469631701588932230",
"295665088803774852272181170342234075710",
"322824729501552071799385423929668226303",
"96453475576556400120774732744759301472",
"320590297975653781781031189853405462649",
"299897071203985203778596072552119137684",
"156014843339094123498236260485620082171",
"246211774596270153328977482827914446293",
"133312303297283327903091571890690657132",
"175075891354354004989302855510803023038",
"316239381746080909270896504401399722269",
"277373024501270824540800641426872727307",
"93856777002897194161187331922032873530",
"28741992560154857903964138934524337322",
"34695086719867749935072226231580518576",
"177971246438963712491026080459321603582",
"139010315660422018748946284285493099287",
"20337671521227638086903425359478733254",
"202140807660396619623910680678954560407",
"179212100758099527139198451809585452807",
"302190466083414941552601535370473439727",
"128492010458033960683462695324814736663",
"233020567826663241353060096233363826571",
"54270618900158896291753025570227864495",
"271828190866180929381621474821737106830",
"228838574253830496966967877766977779254",
"304570666788849264472519229444171450251",
"219253475062700402885552905777113512124",
"238903615816279500250130951647533200402",
"30708016901086139338780160525186252099",
"122123832115178982673125664351498092630",
"91171796018173921479549128543544681156",
"264223739615549737153576181032199782234",
"95691100207377078132296104917300548319",
"237723208302246142824192248702983198781",
"66652014607524749537138726961181148958",
"312617669602987644087814083582373266049",
"240837761926806826235123298372733004672",
"206647625086765827990743775017499427119",
"233020567826663241353060096233363826571",
"54270618900158896291753025570227864495",
"113711351233346316401745279210762189179",
"300991010263853872774350220403624515981",
"209994202057543913275537028491533599366",
"23891573255900494483345711547300282233",
"320067019047219624095178580085256003881",
"279260316430271994862899700068936971118",
"277184631586070368630914203264483972656",
"283553808627461267678691364578832602312",
"40347708333453854293137942451019679462",
"296748597094000826928017895277020425011",
"41378624782442618034971719791972222970",
"80929353210861477203673172371956815780",
"65685816332480790505481065317791306367",
"296604705305715570735123660226665881351",
"173702249483758421545347884355013530993",
"51928064214472770019098437980159370541",
"122900233020978817543619167404995153382",
"295446588553390493748453268113402892219",
"264489558240982778947376422942460450789",
"29734802476294426247485305112541828756",
"304570666788849264472519229444171450251",
"338001373936142220333855293095730650270",
"51219283476404727874457114628800876614",
"92230014877176486397099876364006300081",
"324236297150872259486723021521345040973",
"302999719383793302207332500696681358853",
"110291991746387286204510350491380085040",
"37788537902239255168064534865700882616",
"41378624782442618034971719791972222970",
"80929353210861477203673172371956815780",
"65685816332480790505481065317791306367",
"286707930760536354681506237731007231558",
"296020147594880633398396189360035629898",
"211777013957374629630392521332005171955",
"178198131013297721828497122659951804767",
"314519660012042344254656873449597193952",
"10306804149017646758764421494121387669",
"79542938201254823731832609603090485674",
"165439977897452727198465363139589515153",
"273321646165967531227690168548325103870",
"54986836303263267152289266332932656928",
"96542967799766526660819798298344672681",
"160281012327496220050162364871207260165",
"37781306588506248664573688268534219611",
"64573026203118883534938816934238804815",
"262682514097691705132349462495030808068",
"264489558240982778947376422942460450789",
"29734802476294426247485305112541828756",
"124321955660960735173017601423384691942",
"37788537902239255168064534865700882616",
"51653366075578812569588264468121686055",
"165439977897452727198465363139589515153",
"273321646165967531227690168548325103870",
"54986836303263267152289266332932656928",
"96542967799766526660819798298344672681",
"160281012327496220050162364871207260165",
"182748261779931524972797876390412260835",
"107510075689974353669898090502138058508",
"255323055065178596156377810199718969232",
"139111922461017054883282313517154133098",
"239562638712674317306486095140168535076",
"278782894320222940054985850420319434864",
"172926775048274789948297747932653358486",
"175555649553583703916436605540636090817",
"276742063671274408663800129921579015356",
"228163423044799093692074005902412269680",
"255334784379129236576100754510144904169",
"76205427574762466967773623652496649365",
"271944806732512824865221768712338506839",
"276742063671274408663800129921579015356",
"228163423044799093692074005902412269680",
"255334784379129236576100754510144904169",
"76205427574762466967773623652496649365",
"240167955522549920278477167484646683289",
"69034286086767151174635070083541826382",
"52289360945436279514192125460526580115",
"255334784379129236576100754510144904169",
"76205427574762466967773623652496649365",
"133825778885218432263115898808563321127",
"314375277545931320619990705176611789848",
"260510461332790760482871238196645234877",
"337691050352573557849491114114533078475",
"236756306689181444753569336660119486417",
"277423862488614870628251437681896200080",
"255334784379129236576100754510144904169",
"76205427574762466967773623652496649365",
"267021393968865023251199767121455933821",
"276742063671274408663800129921579015356",
"228163423044799093692074005902412269680",
"255334784379129236576100754510144904169",
"76205427574762466967773623652496649365",
"219533907951413417430798676897554459518",
"203518513634231180820916501198838178563",
"22452082619274921906443002044391119793",
"255334784379129236576100754510144904169",
"76205427574762466967773623652496649365",
"290955018190538249639740495945730739819",
"31360519592335839004792076807913104820",
"21995060982868783278527043594224719873",
"276343786034113445187855742952507710732",
"125340717190443168782495476059558822287",
"177025119427997762401679354272238105519",
"182078996973411345217312505508132732632",
"198487202188943451833940161705826347426",
"146072502421931602006416211812648415525",
"286651538971716421896155971178157894880",
"181847387312375378895687820282883055122",
"278844460169364980380140732827511052410",
"53967026538768190938956382802566236548",
"169260077083421241802546858585427924589",
"278828148000183230778802577077780839100",
"241284987734257088063607117531394622765",
"7740783654850293411353763233654046546",
"126306819178340929469781523013348697488"
]
},
"id": "PUB-A-260709824-17e06927",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1714.0,
"function_hash": "321075489412566521987758381045443400696"
},
"id": "PUB-A-260709824-3292ceb5",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseNmtoken"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 2137.0,
"function_hash": "312582034012833120686477499617739707840"
},
"id": "PUB-A-260709824-488baf6b",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseEntityValue"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1226.0,
"function_hash": "68839071721156655692438775112708392872"
},
"id": "PUB-A-260709824-5a1261af",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseNCNameComplex"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1023.0,
"function_hash": "202449638824747040019317181123257241467"
},
"id": "PUB-A-260709824-5ff64ba7",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseName"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 3379.0,
"function_hash": "58271298297787427760965725347636038193"
},
"id": "PUB-A-260709824-7d082644",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseNameComplex"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1114.0,
"function_hash": "122368681203104511528170236661488698444"
},
"id": "PUB-A-260709824-8bacc19e",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseNCName"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1511.0,
"function_hash": "290575538715094863267836077471000379086"
},
"id": "PUB-A-260709824-a492db76",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseStringName"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 2127.0,
"function_hash": "102354911597318426961439633106182290142"
},
"id": "PUB-A-260709824-c005ec8f",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseCDSect"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 4705.0,
"function_hash": "28462958395680407330271871116128836527"
},
"id": "PUB-A-260709824-c2cea3a9",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseAttValueComplex"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1386.0,
"function_hash": "176895176069274249113242080073623911855"
},
"id": "PUB-A-260709824-c75c1f58",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParsePubidLiteral"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1549.0,
"function_hash": "256796879084468806363293693111400661247"
},
"id": "PUB-A-260709824-dee424c8",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseSystemLiteral"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 3177.0,
"function_hash": "184996364591307111394000562353371060746"
},
"id": "PUB-A-260709824-e1b520b3",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParsePI"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 3687.0,
"function_hash": "287971234688890962565450265277287669386"
},
"id": "PUB-A-260709824-e703e218",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseAttValueInternal"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 2673.0,
"function_hash": "57398693293257367773179735765794778011"
},
"id": "PUB-A-260709824-ea2b8fdd",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlParseCommentComplex"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 5629.0,
"function_hash": "274391314201715480840732034568514594517"
},
"id": "PUB-A-260709824-ede084ad",
"source": "https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "parser.c",
"function": "xmlFatalErr"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/external/libxml2/+/b83e2ff798a116f50bf012a74432217c7d14743c"
],
"spl": "2023-03-01",
"severity": "Moderate",
"types": [
"ID"
]
}