{"id":"ASB-A-193363621","details":"In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-193363621","CVE-2021-0964"],"modified":"2026-05-26T15:46:26.044149249Z","published":"2021-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-12-01"}],"affected":[{"package":{"name":"platform/hardware/google/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-12-01"}]}],"versions":["9"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/google/av/+/c3e2eb596635757ef854ce288cd2cd9921d7fa45","signature_version":"v1","deprecated":false,"digest":{"line_hashes":["43880098200668643346508557869682770055","318607763541445393655535403309768895787","276703186263668439432569423678666677466","126108513511708102732740812763650642324"],"threshold":0.9},"signature_type":"Line","target":{"file":"media/codecs/mp3/C2SoftMp3Dec.cpp"},"id":"ASB-A-193363621-a507c647"},{"id":"ASB-A-193363621-b5991258","target":{"file":"media/codecs/mp3/C2SoftMp3Dec.cpp","function":"C2SoftMP3::process"},"signature_version":"v1","digest":{"function_hash":"135625351549208901408861286811622870460","length":5612},"signature_type":"Function","deprecated":false,"source":"https://android.googlesource.com/platform/hardware/google/av/+/c3e2eb596635757ef854ce288cd2cd9921d7fa45"}],"types":["ID"],"spl":"2021-12-01","fixes":["https://android.googlesource.com/platform/hardware/google/av/+/c3e2eb596635757ef854ce288cd2cd9921d7fa45"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-193363621.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-12-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-193363621-283f9804","signature_version":"v1","deprecated":false,"digest":{"line_hashes":["43880098200668643346508557869682770055","318607763541445393655535403309768895787","276703186263668439432569423678666677466","126108513511708102732740812763650642324"],"threshold":0.9},"signature_type":"Line","target":{"file":"media/codec2/components/mp3/C2SoftMp3Dec.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9"},{"source":"https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9","signature_version":"v1","deprecated":false,"digest":{"function_hash":"156248296851199659471483252604381389404","length":5619},"signature_type":"Function","target":{"file":"media/codec2/components/mp3/C2SoftMp3Dec.cpp","function":"C2SoftMP3::process"},"id":"ASB-A-193363621-65b7b2c4"}],"types":["ID"],"spl":"2021-12-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-193363621.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-12-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"source":"https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9","signature_version":"v1","deprecated":false,"digest":{"line_hashes":["43880098200668643346508557869682770055","318607763541445393655535403309768895787","276703186263668439432569423678666677466","126108513511708102732740812763650642324"],"threshold":0.9},"signature_type":"Line","target":{"file":"media/codec2/components/mp3/C2SoftMp3Dec.cpp"},"id":"ASB-A-193363621-6c3c6e15"},{"id":"ASB-A-193363621-fcdf0b06","target":{"file":"media/codec2/components/mp3/C2SoftMp3Dec.cpp","function":"C2SoftMP3::process"},"signature_version":"v1","digest":{"function_hash":"156248296851199659471483252604381389404","length":5619},"signature_type":"Function","deprecated":false,"source":"https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9"}],"types":["ID"],"spl":"2021-12-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-193363621.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2021-12-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-193363621-a3bea0ca","target":{"file":"media/codec2/components/mp3/C2SoftMp3Dec.cpp"},"signature_version":"v1","digest":{"line_hashes":["43880098200668643346508557869682770055","318607763541445393655535403309768895787","276703186263668439432569423678666677466","126108513511708102732740812763650642324"],"threshold":0.9},"signature_type":"Line","deprecated":false,"source":"https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9"},{"source":"https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9","signature_version":"v1","deprecated":false,"digest":{"function_hash":"156248296851199659471483252604381389404","length":5619},"signature_type":"Function","target":{"file":"media/codec2/components/mp3/C2SoftMp3Dec.cpp","function":"C2SoftMP3::process"},"id":"ASB-A-193363621-ab11b85c"}],"types":["ID"],"spl":"2021-12-01","fixes":["https://android.googlesource.com/platform/frameworks/av/+/dc32721e28e79df4dd2f5bb896bcf586ebeda5e9"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-193363621.json"}}],"schema_version":"1.7.5"}