{"id":"ASB-A-279766766","details":"In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-279766766","CVE-2023-21282"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2023-08-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-08-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/external/aac/+/4242f97d149b0bf0cd96f00cd1e9d30d5922cd46"}],"affected":[{"package":{"name":"platform/external/aac","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-08-01"}]}],"versions":["13-next"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"ASB-A-279766766-06db2c77","source":"https://android.googlesource.com/platform/external/aac/+/f682b8787eb312b9f8997dac4c2c18bb779cf0df","target":{"file":"libSBRdec/src/lpp_tran.h"},"digest":{"line_hashes":["137485364397329512956617123630598953062","319734127269816074276009054291440914706","142184391661538065296615672940683793507","205803596976412131032451772469158635915","95337811043235553146515398896013463588"],"threshold":0.9},"signature_type":"Line"}],"fixes":["https://android.googlesource.com/platform/external/aac/+/f682b8787eb312b9f8997dac4c2c18bb779cf0df"],"severity":"Critical","spl":"2023-08-01","types":["RCE"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279766766.json"}},{"package":{"name":"platform/external/aac","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-08-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"digest":{"line_hashes":["137485364397329512956617123630598953062","319734127269816074276009054291440914706","142184391661538065296615672940683793507","205803596976412131032451772469158635915","95337811043235553146515398896013463588"],"threshold":0.9},"target":{"file":"libSBRdec/src/lpp_tran.h"},"source":"https://android.googlesource.com/platform/external/aac/+/451762ca48e7fb30a0ce77a8962813a3419ec420","id":"ASB-A-279766766-c31ce1f6","signature_version":"v1","signature_type":"Line"}],"fixes":["https://android.googlesource.com/platform/external/aac/+/451762ca48e7fb30a0ce77a8962813a3419ec420"],"spl":"2023-08-01","severity":"Critical","types":["RCE"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279766766.json"}},{"package":{"name":"platform/external/aac","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-08-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"ASB-A-279766766-e6b2c014","source":"https://android.googlesource.com/platform/external/aac/+/173576b2b39083c425f0ca37382a047b6ca3b524","target":{"file":"libSBRdec/src/lpp_tran.h"},"digest":{"line_hashes":["137485364397329512956617123630598953062","319734127269816074276009054291440914706","142184391661538065296615672940683793507","205803596976412131032451772469158635915","95337811043235553146515398896013463588"],"threshold":0.9},"signature_type":"Line"}],"fixes":["https://android.googlesource.com/platform/external/aac/+/173576b2b39083c425f0ca37382a047b6ca3b524"],"spl":"2023-08-01","severity":"Critical","types":["RCE"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279766766.json"}},{"package":{"name":"platform/external/aac","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-08-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"id":"ASB-A-279766766-d57aac14","signature_version":"v1","source":"https://android.googlesource.com/platform/external/aac/+/cd6f2198617dcfbdeeb08e2cb2d36046659291c7","target":{"file":"libSBRdec/src/lpp_tran.h"},"digest":{"line_hashes":["137485364397329512956617123630598953062","319734127269816074276009054291440914706","142184391661538065296615672940683793507","205803596976412131032451772469158635915","95337811043235553146515398896013463588"],"threshold":0.9},"signature_type":"Line"}],"fixes":["https://android.googlesource.com/platform/external/aac/+/cd6f2198617dcfbdeeb08e2cb2d36046659291c7"],"spl":"2023-08-01","severity":"Critical","types":["RCE"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279766766.json"}},{"package":{"name":"platform/external/aac","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-08-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"ASB-A-279766766-48ed2978","source":"https://android.googlesource.com/platform/external/aac/+/2f8c08a4e7b228a55e4c89f0931069de8eda2df6","target":{"file":"libSBRdec/src/lpp_tran.h"},"digest":{"line_hashes":["137485364397329512956617123630598953062","319734127269816074276009054291440914706","142184391661538065296615672940683793507","205803596976412131032451772469158635915","95337811043235553146515398896013463588"],"threshold":0.9},"signature_type":"Line"}],"fixes":["https://android.googlesource.com/platform/external/aac/+/2f8c08a4e7b228a55e4c89f0931069de8eda2df6"],"spl":"2023-08-01","severity":"Critical","types":["RCE"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279766766.json"}}],"schema_version":"1.7.5"}