{"id":"ASB-A-176496160","details":"In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-176496160","CVE-2021-0436"],"modified":"2026-05-25T16:46:24.913870386Z","published":"2021-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/av/+/14937e01950dc4bce459c18fca9ef13dd3db5f8f"},{"type":"FIX","url":"https://android.googlesource.com/platform/hardware/interfaces/+/2658c0da40fabf8fff9a765ebd5c5b293c4b57e8"}],"affected":[{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2021-04-01"}]}],"versions":["8.1"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/interfaces/+/072cdf233c02d1dc3eb8b2e20498675aea70c21d","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["72604702727132455093240508622843862530","285452902553993665142066946687343539874","218531093682696242280487765664984289807","216212382440762221775916728536235072685"],"threshold":0.9},"target":{"file":"drm/1.0/default/CryptoPlugin.cpp"},"id":"ASB-A-176496160-adfb5c33","signature_type":"Line"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/072cdf233c02d1dc3eb8b2e20498675aea70c21d"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-04-01"}]}],"versions":["9"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"line_hashes":["72604702727132455093240508622843862530","285452902553993665142066946687343539874","218531093682696242280487765664984289807","216212382440762221775916728536235072685"],"threshold":0.9},"deprecated":false,"source":"https://android.googlesource.com/platform/frameworks/av/+/a7dd68bd2ef09f4e38621e29fea55e59ffbc195b","signature_version":"v1","target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"},"id":"ASB-A-176496160-1676ef9a","signature_type":"Line"},{"digest":{"length":4061,"function_hash":"306052193088613669448213253568073320311"},"deprecated":false,"source":"https://android.googlesource.com/platform/frameworks/av/+/a7dd68bd2ef09f4e38621e29fea55e59ffbc195b","signature_version":"v1","target":{"function":"CryptoPlugin::decrypt","file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"},"id":"ASB-A-176496160-dc29ed12","signature_type":"Function"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/a7dd68bd2ef09f4e38621e29fea55e59ffbc195b"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}},{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-04-01"}]}],"versions":["9"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/interfaces/+/c9b5693c7f024a6b0c7fc59123dbc313ecbf6e9b","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["72604702727132455093240508622843862530","285452902553993665142066946687343539874","218531093682696242280487765664984289807","216212382440762221775916728536235072685"],"threshold":0.9},"target":{"file":"drm/1.0/default/CryptoPlugin.cpp"},"id":"ASB-A-176496160-cc03fa12","signature_type":"Line"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/c9b5693c7f024a6b0c7fc59123dbc313ecbf6e9b"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-04-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5","deprecated":false,"signature_version":"v1","digest":{"length":4064,"function_hash":"48593166569661308537903166270456012967"},"target":{"function":"CryptoPlugin::decrypt_1_2","file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"},"id":"ASB-A-176496160-40c9507b","signature_type":"Function"},{"digest":{"line_hashes":["322851236290323917175235985476814994833","333424594500798816566744926216353382181","37501043312926675037699351634321821112","177838551671140028423684870174218129777"],"threshold":0.9},"deprecated":false,"target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5","signature_version":"v1","id":"ASB-A-176496160-d25e008b","signature_type":"Line"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}},{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-04-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c","deprecated":false,"digest":{"line_hashes":["72604702727132455093240508622843862530","285452902553993665142066946687343539874","218531093682696242280487765664984289807","216212382440762221775916728536235072685"],"threshold":0.9},"target":{"file":"drm/1.0/default/CryptoPlugin.cpp"},"signature_version":"v1","id":"ASB-A-176496160-3b3ebd8d","signature_type":"Line"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-04-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"length":4064,"function_hash":"48593166569661308537903166270456012967"},"deprecated":false,"source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5","signature_version":"v1","target":{"function":"CryptoPlugin::decrypt_1_2","file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"},"id":"ASB-A-176496160-4979bd77","signature_type":"Function"},{"source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5","deprecated":false,"digest":{"line_hashes":["322851236290323917175235985476814994833","333424594500798816566744926216353382181","37501043312926675037699351634321821112","177838551671140028423684870174218129777"],"threshold":0.9},"target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"},"signature_version":"v1","id":"ASB-A-176496160-91c815ee","signature_type":"Line"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}},{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-04-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["72604702727132455093240508622843862530","285452902553993665142066946687343539874","218531093682696242280487765664984289807","216212382440762221775916728536235072685"],"threshold":0.9},"target":{"file":"drm/1.0/default/CryptoPlugin.cpp"},"id":"ASB-A-176496160-dd41ed02","signature_type":"Line"}],"types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-176496160.json"}}],"schema_version":"1.7.5"}