{"id":"ASB-A-262892300","details":"In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-262892300","CVE-2023-21084"],"modified":"2026-05-25T16:46:24.913870386Z","published":"2023-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/build/soong/+/48d9ec056458a4bff78a9c572bc9c185dc037ccc"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/modules/Virtualization/+/31782435ddf9c3641bf7c78cc64075dd95eede87"}],"affected":[{"package":{"name":"platform/build/soong","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-04-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2023-04-01","severity":"High","fixes":["https://android.googlesource.com/platform/build/soong/+/f3d1e8c24cba69b93d9fdd2f01d770927988eeb1"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262892300.json"}},{"package":{"name":"platform/packages/modules/Virtualization","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-04-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2023-04-01","severity":"High","fixes":["https://android.googlesource.com/platform/packages/modules/Virtualization/+/94d7faa228c828abbbfda212f2e4abfa27d00b25"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262892300.json"}}],"schema_version":"1.7.5"}