{"id":"ASB-A-237288416","details":"In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-237288416","CVE-2022-20417"],"modified":"2026-04-21T15:25:42.831358Z","published":"2022-10-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-10-01"}],"affected":[{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-10-01"}]}],"versions":["12"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-10-01","severity":"High","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe"],"vanir_signatures":[{"id":"ASB-A-237288416-3347ba34","target":{"function":"HidlUtils::audioTransportsToHal","file":"audio/common/all-versions/default/7.0/HidlUtils.cpp"},"signature_version":"v1","digest":{"function_hash":"30693180149815436432511666337241282332","length":1770},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-6345877f","target":{"file":"audio/common/all-versions/default/7.0/HidlUtils.cpp"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["269344792656577092001110833540011432940","24566917316876822633373775224199387841","326563767327415897676849247084034620501","296721903556534197228020912422928613838","98664012303234856457986909474349887885","242909748081190874474530485925527046198","337480627864806466889618801044925771695","32976967712788725498324097883947031232"]},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Line","deprecated":false},{"id":"ASB-A-237288416-a6f3adea","target":{"file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["172186339874870091662576372895279208413","227349891284322899533340354059474595611","186519563238785187792249710978779741919","110617716582878860557393456367871608803","43366630099968855310673323885673129606","131451768960244202058325825301537495331","78935328830424581718176604854654660458","306341795472413105250127479060524261756","16834518065203268661284590998142718197","299064499527370160859152552006985321520","180805790256931266346711168313089126423","170095354208668041088633580278233745834","33521963547965584930512648087844251698","114610901870909908359583640191322919081","212452195949018653488913703488818546503","153444376759287560523706886364648112712","29528458756198696541044575576555735593","48063698236143321999460836226503716002","172446838531745295337624745295579102534","183608570636346057331731099513885835857"]},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Line","deprecated":false},{"id":"ASB-A-237288416-e11f7680","target":{"function":"TEST","file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"function_hash":"127934060083940188991457240859462848395","length":1096},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-e5a04e11","target":{"function":"TEST","file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"function_hash":"168160430229648601525038002173658487200","length":978},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-237288416.json"}},{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2022-10-01"}]}],"versions":["12L"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-10-01","severity":"High","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe"],"vanir_signatures":[{"id":"ASB-A-237288416-082faaa8","target":{"function":"TEST","file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"function_hash":"127934060083940188991457240859462848395","length":1096},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-4ea9c451","target":{"file":"audio/common/all-versions/default/7.0/HidlUtils.cpp"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["269344792656577092001110833540011432940","24566917316876822633373775224199387841","326563767327415897676849247084034620501","296721903556534197228020912422928613838","98664012303234856457986909474349887885","242909748081190874474530485925527046198","337480627864806466889618801044925771695","32976967712788725498324097883947031232"]},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Line","deprecated":false},{"id":"ASB-A-237288416-5e18add7","target":{"file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["172186339874870091662576372895279208413","227349891284322899533340354059474595611","186519563238785187792249710978779741919","110617716582878860557393456367871608803","43366630099968855310673323885673129606","131451768960244202058325825301537495331","78935328830424581718176604854654660458","306341795472413105250127479060524261756","16834518065203268661284590998142718197","299064499527370160859152552006985321520","180805790256931266346711168313089126423","170095354208668041088633580278233745834","33521963547965584930512648087844251698","114610901870909908359583640191322919081","212452195949018653488913703488818546503","153444376759287560523706886364648112712","29528458756198696541044575576555735593","48063698236143321999460836226503716002","172446838531745295337624745295579102534","183608570636346057331731099513885835857"]},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Line","deprecated":false},{"id":"ASB-A-237288416-90647a9e","target":{"function":"HidlUtils::audioTransportsToHal","file":"audio/common/all-versions/default/7.0/HidlUtils.cpp"},"signature_version":"v1","digest":{"function_hash":"30693180149815436432511666337241282332","length":1770},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-fc41aa42","target":{"function":"TEST","file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"function_hash":"168160430229648601525038002173658487200","length":978},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-237288416.json"}},{"package":{"name":"platform/hardware/interfaces","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2022-10-01"}]}],"versions":["13"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-10-01","severity":"High","fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe"],"vanir_signatures":[{"id":"ASB-A-237288416-2498d497","target":{"function":"TEST","file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"function_hash":"168160430229648601525038002173658487200","length":978},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-4cbcee65","target":{"function":"TEST","file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"function_hash":"127934060083940188991457240859462848395","length":1096},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-62c23548","target":{"function":"HidlUtils::audioTransportsToHal","file":"audio/common/all-versions/default/7.0/HidlUtils.cpp"},"signature_version":"v1","digest":{"function_hash":"30693180149815436432511666337241282332","length":1770},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Function","deprecated":false},{"id":"ASB-A-237288416-7c5aa959","target":{"file":"audio/common/all-versions/default/tests/hidlutils_tests.cpp"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["172186339874870091662576372895279208413","227349891284322899533340354059474595611","186519563238785187792249710978779741919","110617716582878860557393456367871608803","43366630099968855310673323885673129606","131451768960244202058325825301537495331","78935328830424581718176604854654660458","306341795472413105250127479060524261756","16834518065203268661284590998142718197","299064499527370160859152552006985321520","180805790256931266346711168313089126423","170095354208668041088633580278233745834","33521963547965584930512648087844251698","114610901870909908359583640191322919081","212452195949018653488913703488818546503","153444376759287560523706886364648112712","29528458756198696541044575576555735593","48063698236143321999460836226503716002","172446838531745295337624745295579102534","183608570636346057331731099513885835857"]},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Line","deprecated":false},{"id":"ASB-A-237288416-acd99333","target":{"file":"audio/common/all-versions/default/7.0/HidlUtils.cpp"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["269344792656577092001110833540011432940","24566917316876822633373775224199387841","326563767327415897676849247084034620501","296721903556534197228020912422928613838","98664012303234856457986909474349887885","242909748081190874474530485925527046198","337480627864806466889618801044925771695","32976967712788725498324097883947031232"]},"source":"https://android.googlesource.com/platform/hardware/interfaces/+/f16c6d3a5741768356159f099d04bfe2219c81fe","signature_type":"Line","deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-237288416.json"}}],"schema_version":"1.7.5"}