Lucene search

GoogleOSV:ASB-A-242096164

HistoryNov 01, 2022 - 12:00 a.m.

[ASB Platform] [Pixploit] The bootloader libfdt bug

2022-11-0100:00:00

Google

osv.dev

bootloader bug

libfdt

local privilege escalation

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

JSON

In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
platform/external/dtceq12L
platform/external/dtceq11
platform/external/dtceq12
platform/external/dtceq10
platform/external/dtceq13

Name	Operator	Version
platform/external/dtc	eq	12L
platform/external/dtc	eq	11
platform/external/dtc	eq	12
platform/external/dtc	eq	10
platform/external/dtc	eq	13

References

android.googlesource.com/platform/external/dtc/+/922334f6fb875169d64f9c33cba62d0dafc9faa2

source.android.com/security/bulletin/2022-11-01

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

JSON

Related for OSV:ASB-A-242096164