自动数据同步 2025-11-13

Author: github-actions[bot]

data/all_vuln/ASB-A-111893654.json

@@ -1 +1 @@
-{"schema_version":"1.7.3","id":"ASB-A-111893654","published":"2020-09-01T00:00:00Z","modified":"2025-11-11T15:55:36.864626Z","aliases":["A-111893654","CVE-2020-0404"],"details":"In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.","affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2020-09-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/68035c80e129"],"severity":"High","spl":"2020-09-05","types":["EoP"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"60626479737422533824532741070373279186","length":1549},"id":"ASB-A-111893654-2d607d27","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/68035c80e129","target":{"file":"drivers/media/usb/uvc/uvc_driver.c","function":"uvc_scan_chain_backward"}},{"deprecated":false,"digest":{"line_hashes":["120562242773611334247690270017307367008","314134717899991047975011651615276986161","329785512308302717970716491869670669225","318417455983384928294155248693750694405","200622169402816814162099168487583731592","272887279343761342340979204992761554541","151803682576569073663657577465118544463"],"threshold":0.9},"id":"ASB-A-111893654-5f80e208","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/68035c80e129","target":{"file":"drivers/media/usb/uvc/uvc_driver.c"}},{"deprecated":false,"digest":{"function_hash":"194215759102333248697385159289433439026","length":1173},"id":"ASB-A-111893654-8ead4b9c","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/68035c80e129","target":{"file":"drivers/media/usb/uvc/uvc_driver.c","function":"uvc_scan_chain_forward"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-111893654.json"}}],"references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2020-09-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/68035c80e129"}]}
+{"schema_version":"1.7.3","id":"ASB-A-111893654","published":"2020-09-01T00:00:00Z","modified":"2025-11-12T16:31:56.883595Z","aliases":["A-111893654","CVE-2020-0404"],"details":"In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.","affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2020-09-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/68035c80e129"],"severity":"High","spl":"2020-09-05","types":["EoP"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"60626479737422533824532741070373279186","length":1549},"id":"ASB-A-111893654-2d607d27","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/68035c80e129","target":{"file":"drivers/media/usb/uvc/uvc_driver.c","function":"uvc_scan_chain_backward"}},{"deprecated":false,"digest":{"line_hashes":["120562242773611334247690270017307367008","314134717899991047975011651615276986161","329785512308302717970716491869670669225","318417455983384928294155248693750694405","200622169402816814162099168487583731592","272887279343761342340979204992761554541","151803682576569073663657577465118544463"],"threshold":0.9},"id":"ASB-A-111893654-5f80e208","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/68035c80e129","target":{"file":"drivers/media/usb/uvc/uvc_driver.c"}},{"deprecated":false,"digest":{"function_hash":"194215759102333248697385159289433439026","length":1173},"id":"ASB-A-111893654-8ead4b9c","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/68035c80e129","target":{"file":"drivers/media/usb/uvc/uvc_driver.c","function":"uvc_scan_chain_forward"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-111893654.json"}}],"references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2020-09-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/68035c80e129"}]}

data/all_vuln/ASB-A-112551163.json

@@ -1 +1 @@
-{"schema_version":"1.7.3","id":"ASB-A-112551163","published":"2022-06-01T00:00:00Z","modified":"2025-11-11T15:55:36.864626Z","aliases":["A-112551163","CVE-2022-20141"],"details":"In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.","affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2022-06-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483"],"severity":"High","spl":"2022-06-05","types":["EoP"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"148752900669546676262646101291174165580","length":865},"id":"ASB-A-112551163-aabceb8f","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483","target":{"file":"net/ipv4/igmp.c","function":"ip_check_mc_rcu"}},{"deprecated":false,"digest":{"line_hashes":["139666445514677959893918605572167096150","264823107075137704350786462337731900978","226874223176768536994961202130270424809","12727690954197855594810725324244812831","325009213879560654102952478890050812096","226996935081010119778023672641902602782","37210404083809076417640732346559794002","320393779584283838040621216406498771184"],"threshold":0.9},"id":"ASB-A-112551163-f492ce00","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483","target":{"file":"net/ipv4/igmp.c"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-112551163.json"}}],"references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-06-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483"}]}
+{"schema_version":"1.7.3","id":"ASB-A-112551163","published":"2022-06-01T00:00:00Z","modified":"2025-11-12T16:31:56.883595Z","aliases":["A-112551163","CVE-2022-20141"],"details":"In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.","affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2022-06-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483"],"severity":"High","spl":"2022-06-05","types":["EoP"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"148752900669546676262646101291174165580","length":865},"id":"ASB-A-112551163-aabceb8f","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483","target":{"file":"net/ipv4/igmp.c","function":"ip_check_mc_rcu"}},{"deprecated":false,"digest":{"line_hashes":["139666445514677959893918605572167096150","264823107075137704350786462337731900978","226874223176768536994961202130270424809","12727690954197855594810725324244812831","325009213879560654102952478890050812096","226996935081010119778023672641902602782","37210404083809076417640732346559794002","320393779584283838040621216406498771184"],"threshold":0.9},"id":"ASB-A-112551163-f492ce00","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483","target":{"file":"net/ipv4/igmp.c"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-112551163.json"}}],"references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-06-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/ddd7e8b7b8483"}]}

data/all_vuln/ASB-A-119041698.json

@@ -1 +1 @@
-{"schema_version":"1.7.3","id":"ASB-A-123700107","published":"2022-01-01T00:00:00Z","modified":"2025-11-11T15:55:36.864626Z","aliases":["A-123700107","CVE-2020-0338"],"details":"In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.","affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2022-01-01"}]}],"versions":["9"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69"],"severity":"High","spl":"2022-01-01","types":["ID"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"68261433565601544786476283400984335175","length":1068},"id":"ASB-A-123700107-03a23f36","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java","function":"checkKeyIntent"}},{"deprecated":false,"digest":{"line_hashes":["132600098045001412979891564682349658570","271068497307364392868344124560766892673","283754210840208246385413105894808193542","144060679038207743109726406051560226052","131094452132685235150002717794774811759","83827557049711101773014040991333944590","171461906003480789106110175043693999539","26201431595287121459658298239648137151"],"threshold":0.9},"id":"ASB-A-123700107-fc8da09c","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-123700107.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2022-01-01"}]}],"versions":["10"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69"],"severity":"High","spl":"2022-01-01","types":["ID"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"68261433565601544786476283400984335175","length":1068},"id":"ASB-A-123700107-56503b2e","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java","function":"checkKeyIntent"}},{"deprecated":false,"digest":{"line_hashes":["132600098045001412979891564682349658570","271068497307364392868344124560766892673","283754210840208246385413105894808193542","144060679038207743109726406051560226052","131094452132685235150002717794774811759","83827557049711101773014040991333944590","171461906003480789106110175043693999539","26201431595287121459658298239648137151"],"threshold":0.9},"id":"ASB-A-123700107-57e08d15","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-123700107.json"}}],"references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-01-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/6ebf410b818c6a525130d5fcb72381217fec8e7a"}]}
+{"schema_version":"1.7.3","id":"ASB-A-123700107","published":"2022-01-01T00:00:00Z","modified":"2025-11-12T16:31:56.883595Z","aliases":["A-123700107","CVE-2020-0338"],"details":"In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.","affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2022-01-01"}]}],"versions":["9"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69"],"severity":"High","spl":"2022-01-01","types":["ID"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"68261433565601544786476283400984335175","length":1068},"id":"ASB-A-123700107-03a23f36","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java","function":"checkKeyIntent"}},{"deprecated":false,"digest":{"line_hashes":["132600098045001412979891564682349658570","271068497307364392868344124560766892673","283754210840208246385413105894808193542","144060679038207743109726406051560226052","131094452132685235150002717794774811759","83827557049711101773014040991333944590","171461906003480789106110175043693999539","26201431595287121459658298239648137151"],"threshold":0.9},"id":"ASB-A-123700107-fc8da09c","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-123700107.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2022-01-01"}]}],"versions":["10"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69"],"severity":"High","spl":"2022-01-01","types":["ID"],"vanir_signatures":[{"deprecated":false,"digest":{"function_hash":"68261433565601544786476283400984335175","length":1068},"id":"ASB-A-123700107-56503b2e","signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java","function":"checkKeyIntent"}},{"deprecated":false,"digest":{"line_hashes":["132600098045001412979891564682349658570","271068497307364392868344124560766892673","283754210840208246385413105894808193542","144060679038207743109726406051560226052","131094452132685235150002717794774811759","83827557049711101773014040991333944590","171461906003480789106110175043693999539","26201431595287121459658298239648137151"],"threshold":0.9},"id":"ASB-A-123700107-57e08d15","signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/3cf2b049867977916d29f1674f71e89b49ea1f69","target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-123700107.json"}}],"references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-01-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/6ebf410b818c6a525130d5fcb72381217fec8e7a"}]}