{"id":"ASB-A-252763983","details":"In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-252763983","CVE-2023-21112"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2023-05-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-05-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/a20d5962d9350409204535b145826a41a7a3262d"}],"affected":[{"package":{"name":"platform/hardware/nxp/nfc","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-05-01"}]}],"versions":["13-next"],"ecosystem_specific":{"types":["ID"],"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"],"spl":"2023-05-01","severity":"High","vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-08628712","deprecated":false,"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"217768603380171297613270030606270843987","length":1390}},{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-6c8b5605","deprecated":false,"signature_type":"Function","signature_version":"v1","digest":{"length":1390,"function_hash":"217768603380171297613270030606270843987"}},{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-76b70cae","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}},{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-bb9dd33f","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-252763983.json"}},{"package":{"name":"platform/hardware/nxp/nfc","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-05-01"}]}],"versions":["11"],"ecosystem_specific":{"types":["ID"],"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/67e1db04f568cf50c90758272ceca93426aba932"],"spl":"2023-05-01","severity":"High","vanir_signatures":[{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/67e1db04f568cf50c90758272ceca93426aba932","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-9b45cb74","deprecated":false,"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"217768603380171297613270030606270843987","length":1390}},{"id":"ASB-A-252763983-efd04272","target":{"file":"halimpl/mifare/NxpMfcReader.cc"},"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/67e1db04f568cf50c90758272ceca93426aba932","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-252763983.json"}},{"package":{"name":"platform/hardware/nxp/nfc","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-05-01"}]}],"versions":["12"],"ecosystem_specific":{"types":["ID"],"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"],"spl":"2023-05-01","severity":"High","vanir_signatures":[{"signature_type":"Function","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-16f7f721","deprecated":false,"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","signature_version":"v1","digest":{"length":1390,"function_hash":"217768603380171297613270030606270843987"}},{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-1c88b988","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}},{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"signature_type":"Function","deprecated":false,"id":"ASB-A-252763983-e1952f90","signature_version":"v1","digest":{"length":1390,"function_hash":"217768603380171297613270030606270843987"}},{"id":"ASB-A-252763983-ec0f6685","target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"],"threshold":0.9}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-252763983.json"}},{"package":{"name":"platform/hardware/nxp/nfc","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-05-01"}]}],"versions":["12L"],"ecosystem_specific":{"types":["ID"],"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"],"spl":"2023-05-01","severity":"High","vanir_signatures":[{"id":"ASB-A-252763983-3d6c4ce5","target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}},{"signature_type":"Function","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-732c92c7","deprecated":false,"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","signature_version":"v1","digest":{"length":1390,"function_hash":"217768603380171297613270030606270843987"}},{"id":"ASB-A-252763983-9e5854c9","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","deprecated":false,"signature_type":"Function","signature_version":"v1","digest":{"length":1390,"function_hash":"217768603380171297613270030606270843987"}},{"signature_type":"Line","target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-f13d3baf","deprecated":false,"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-252763983.json"}},{"package":{"name":"platform/hardware/nxp/nfc","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-05-01"}]}],"versions":["13"],"ecosystem_specific":{"types":["ID"],"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"],"spl":"2023-05-01","severity":"High","vanir_signatures":[{"id":"ASB-A-252763983-4dd0fded","target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"],"threshold":0.9}},{"signature_type":"Function","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-67c3d35a","deprecated":false,"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","signature_version":"v1","digest":{"length":1390,"function_hash":"217768603380171297613270030606270843987"}},{"id":"ASB-A-252763983-eaccfcca","target":{"function":"NxpMfcReader::AnalyzeMfcResp","file":"snxxx/halimpl/mifare/NxpMfcReader.cc"},"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","deprecated":false,"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"217768603380171297613270030606270843987","length":1390}},{"source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c","target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"},"id":"ASB-A-252763983-f164f37f","deprecated":false,"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["64284978509830298798730183538658890155","161084689393964153539491505797652199006","252132195742022893447742066666725943805","126108868847444204655071566216860054307"]}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-252763983.json"}}],"schema_version":"1.7.5"}