ASB-A-268589017
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-268589017.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-268589017
- Aliases
-
- A-268589017
- CVE-2023-25012
- Published
- 2023-07-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In bigben_remove of hid-bigbenff.c, there is a possible race condition due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2023-07-01
- https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a
- https://android.googlesource.com/kernel/common/+/1fd3cdb1c245d67442d04c06c63dd0de96cd6091
- https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23
- https://android.googlesource.com/kernel/common/+/617c5ccc25ececa1efbc96a6a87499ec02070535
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"150806394922372306520867468636303535403",
"100355171888563622330363374148209553804",
"114756578028980487798794427515892715651",
"98338438260130467145450726012849214816"
]
},
"id": "ASB-A-268589017-06cd4427",
"source": "https://android.googlesource.com/kernel/common/+/1fd3cdb1c245d67442d04c06c63dd0de96cd6091",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 631.0,
"function_hash": "173329870709256075901518500633917247874"
},
"id": "ASB-A-268589017-0b31adc1",
"source": "https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "hid_bigben_play_effect"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"47078364368640867469028644796454700973",
"10369359589696548902201438536105334896",
"102133623324249312242667377922268104764",
"131380323297942395671530660106611804348",
"121242916892447794310831024891517723333",
"62136394718521697104661652866492385079",
"148069679042890058808355501733377113712",
"339155058200001361619470398183537589367",
"20827325889441192208216152679191234728",
"124046928327778031277101799983837463611",
"216999699844899041982247809739287722358",
"113019699757089574244894421564626018417",
"123196098272088532171390740226088477958",
"312533909955340852980348141069953644250",
"42955897544003012181618577187722397174"
]
},
"id": "ASB-A-268589017-213dd575",
"source": "https://android.googlesource.com/kernel/common/+/617c5ccc25ececa1efbc96a6a87499ec02070535",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1573.0,
"function_hash": "135773091381837721091354169965703968703"
},
"id": "ASB-A-268589017-3882720d",
"source": "https://android.googlesource.com/kernel/common/+/1fd3cdb1c245d67442d04c06c63dd0de96cd6091",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_worker"
},
"signature_type": "Function"
},
{
"digest": {
"length": 540.0,
"function_hash": "253322112641557034882541029482987213618"
},
"id": "ASB-A-268589017-5364649d",
"source": "https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "hid_bigben_play_effect"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2191.0,
"function_hash": "338122517525090694269655243517906965701"
},
"id": "ASB-A-268589017-5b83031d",
"source": "https://android.googlesource.com/kernel/common/+/617c5ccc25ececa1efbc96a6a87499ec02070535",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_probe"
},
"signature_type": "Function"
},
{
"digest": {
"length": 722.0,
"function_hash": "316436784951831304433901309868418571802"
},
"id": "ASB-A-268589017-7b6901c4",
"source": "https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_set_led"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2174.0,
"function_hash": "283228630286872131567950752744282302055"
},
"id": "ASB-A-268589017-7c564d36",
"source": "https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_probe"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"10783932124717809065975525814018063746",
"202233066716543381168893117077506060221",
"333075247382177478790015001077471032434",
"253314601472456783949022845032610302604",
"32406587198122137956585265619737078713",
"79637830955801454955686322642667708249",
"100659576457065707686811531392018260379",
"57330006653911811855992188186599142947",
"46763203180011333946095053591512509477",
"15352880012144436811199965153276177727",
"337767392239476776783508601174493753433",
"8918760447863121913208547831843011759",
"188557900762768751391097565843114349304",
"129656771386629272065452813164927016795",
"339113479530564011719211118262377073845",
"94541647880187338145795639687270206316",
"66751151447730835198057130407968116262",
"137772132008674241987705400607841494738",
"41141773345157091071534849436471571138",
"26768272055240480568538285424629472970"
]
},
"id": "ASB-A-268589017-8b80cbc9",
"source": "https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1564.0,
"function_hash": "273026948227071602714984146253039623031"
},
"id": "ASB-A-268589017-910a666b",
"source": "https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_worker"
},
"signature_type": "Function"
},
{
"digest": {
"length": 631.0,
"function_hash": "49550790642047497120172017436086097902"
},
"id": "ASB-A-268589017-9497a5ea",
"source": "https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_set_led"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"170801758030258884861538758678594740558",
"249299439092359066189043364722627743794",
"338185359276941740510402377774585588655",
"243988816042995455867667886171933946996",
"194884766443985677085074988040487977982",
"14050074771272841572925121763737910571",
"310848588941783372125153587426800903406",
"114930066354983457361395835245500415982",
"182796686242458689615299952093860967961",
"8856487086507521612684844259235970694",
"45425450697047727821099591776666263505",
"29994108566393786553873268571238061464",
"87361166835025475804465819775434098565",
"58464657697028961571603197470196277868",
"319417364505333290779605446045284606238",
"222499932173199658469388865283481070023",
"172223357612224858570786271706609504995",
"135755269103756455523942389206606290120",
"269138159219430080731722709720880318934",
"87361166835025475804465819775434098565",
"58464657697028961571603197470196277868",
"205193334889348892144716625732812925137",
"37580888543137018229929689971565560820",
"54350655327342768431080282528221078477",
"12976282385784092870387876656271071643",
"335112332198927072552576369584495425474",
"298365815644179876281009239263697715908",
"75293277767135240181672102136738448500",
"155657313313497202882429295917850638759",
"245989983336163126006365334266750952164",
"4243887715503796700629760273369901146",
"271379221828688470156356452522374788708",
"281531320475889412786366087001393100772",
"218899643482385094823171014173114825751",
"29153715790109213959964471663817725152",
"123135806629766317768781298406167394939",
"244211682463083748058152249323332992588",
"110890128933949637954732212540028237021",
"252892435672143168980475661694822741067",
"251648637410287476767106334621474181798",
"229143915330479384821799721147044601002",
"306298246618403798313004315661778723718",
"326221262382217482924765384005787549588",
"92835713279487021264974299402717527285",
"61115457479083266547468666442929555162",
"47852149208762194314475291085487113686",
"193716436960222311270232671761533491997",
"281885871057663333599686874996815656620",
"254283279391829507920935632123963201351",
"46100703413552992586614102686129373539",
"20900816375716886551510191443487014802",
"177753618342386356883083646543526440254",
"315319771030054542194016383492202682748",
"243496798770318132164128249183923634695",
"231809816367966581616030502784605238494",
"9885306284604865265059417382592059605"
]
},
"id": "ASB-A-268589017-bb9e52ca",
"source": "https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2203.0,
"function_hash": "59826607660057764668765012329557463594"
},
"id": "ASB-A-268589017-e88c9168",
"source": "https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_probe"
},
"signature_type": "Function"
},
{
"digest": {
"length": 154.0,
"function_hash": "139532792595065699547609751039221578526"
},
"id": "ASB-A-268589017-f32a0dcc",
"source": "https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_remove"
},
"signature_type": "Function"
},
{
"digest": {
"length": 982.0,
"function_hash": "130189952422934216779969856399260567000"
},
"id": "ASB-A-268589017-fc4aef55",
"source": "https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/hid/hid-bigbenff.c",
"function": "bigben_worker"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/kernel/common/+/2cabed5f026551685b5c652fedcb010cc1e4c22a",
"https://android.googlesource.com/kernel/common/+/1fd3cdb1c245d67442d04c06c63dd0de96cd6091",
"https://android.googlesource.com/kernel/common/+/e422c244a9b2192e3734825bd0c1cfed5cf8cc23",
"https://android.googlesource.com/kernel/common/+/617c5ccc25ececa1efbc96a6a87499ec02070535"
],
"spl": "2023-07-05",
"severity": "High",
"types": [
"EoP"
]
}