{"id":"ASB-A-368069390","details":"In GetTable of dm.cpp, there is a possible way to leak the raw FDE key in bug reports due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-368069390","CVE-2024-49729"],"modified":"2026-04-17T15:55:28.020024Z","published":"2025-02-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2025-02-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/core/+/a1b00e3f3412c6de6fddb53e603264deb248dace"}],"affected":[{"package":{"name":"platform/system/core","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15-next:0"},{"fixed":"15-next:2025-02-01"}]}],"versions":["15-next"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/core/+/bc067ef9f0408f3b7c4f5dcae3b6aec51f386e4d"],"vanir_signatures":[{"target":{"file":"fs_mgr/libdm/dm.cpp"},"signature_type":"Line","id":"ASB-A-368069390-6e21205f","digest":{"threshold":0.9,"line_hashes":["66071317781752963516926638938244070180","221698904397698559435883749761791442100","334722030814171978146408266846367485174","62708272299338636022665327483800029315","263494544919952387351647817158078911464","289259756623168733243553524807383202449","43039980192724340038185978070021869862"]},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/bc067ef9f0408f3b7c4f5dcae3b6aec51f386e4d"},{"target":{"file":"fs_mgr/libdm/dm.cpp","function":"DeviceMapper::GetTable"},"signature_type":"Function","id":"ASB-A-368069390-8b68096d","digest":{"length":1113,"function_hash":"108302958928813557393787361343075606179"},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/bc067ef9f0408f3b7c4f5dcae3b6aec51f386e4d"}],"types":["ID"],"spl":"2025-02-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-368069390.json"}},{"package":{"name":"platform/system/core","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2025-02-01"}]}],"versions":["12"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/core/+/c434d801d65372dd12d9bc8bd7717ef08f3fa984"],"vanir_signatures":[{"target":{"file":"fs_mgr/libdm/dm.cpp"},"signature_type":"Line","id":"ASB-A-368069390-42de0367","digest":{"threshold":0.9,"line_hashes":["66071317781752963516926638938244070180","221698904397698559435883749761791442100","334722030814171978146408266846367485174","62708272299338636022665327483800029315","263494544919952387351647817158078911464","289259756623168733243553524807383202449","43039980192724340038185978070021869862"]},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/c434d801d65372dd12d9bc8bd7717ef08f3fa984"},{"target":{"file":"fs_mgr/libdm/dm.cpp","function":"DeviceMapper::GetTable"},"signature_type":"Function","id":"ASB-A-368069390-654cbf17","digest":{"length":1113,"function_hash":"108302958928813557393787361343075606179"},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/c434d801d65372dd12d9bc8bd7717ef08f3fa984"}],"types":["ID"],"spl":"2025-02-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-368069390.json"}},{"package":{"name":"platform/system/core","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2025-02-01"}]}],"versions":["12L"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/core/+/e68f6cd6c0a925fea1bbe7537f6029ef9b0e142c"],"vanir_signatures":[{"target":{"file":"fs_mgr/libdm/dm.cpp"},"signature_type":"Line","id":"ASB-A-368069390-026ea792","digest":{"threshold":0.9,"line_hashes":["66071317781752963516926638938244070180","221698904397698559435883749761791442100","334722030814171978146408266846367485174","62708272299338636022665327483800029315","263494544919952387351647817158078911464","289259756623168733243553524807383202449","43039980192724340038185978070021869862"]},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/e68f6cd6c0a925fea1bbe7537f6029ef9b0e142c"},{"target":{"file":"fs_mgr/libdm/dm.cpp","function":"DeviceMapper::GetTable"},"signature_type":"Function","id":"ASB-A-368069390-b302d23d","digest":{"length":1113,"function_hash":"108302958928813557393787361343075606179"},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/e68f6cd6c0a925fea1bbe7537f6029ef9b0e142c"}],"types":["ID"],"spl":"2025-02-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-368069390.json"}},{"package":{"name":"platform/system/core","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15:0"},{"fixed":"15:2025-02-01"}]}],"versions":["15"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/core/+/95ca31cecf7591d48664260712c0199ac9bfedeb"],"vanir_signatures":[{"target":{"file":"fs_mgr/libdm/dm.cpp","function":"DeviceMapper::GetTable"},"signature_type":"Function","id":"ASB-A-368069390-7f333830","digest":{"length":1113,"function_hash":"108302958928813557393787361343075606179"},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/95ca31cecf7591d48664260712c0199ac9bfedeb"},{"target":{"file":"fs_mgr/libdm/dm.cpp"},"signature_type":"Line","id":"ASB-A-368069390-dbc677d9","digest":{"threshold":0.9,"line_hashes":["66071317781752963516926638938244070180","221698904397698559435883749761791442100","334722030814171978146408266846367485174","62708272299338636022665327483800029315","263494544919952387351647817158078911464","289259756623168733243553524807383202449","43039980192724340038185978070021869862"]},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/95ca31cecf7591d48664260712c0199ac9bfedeb"}],"types":["ID"],"spl":"2025-02-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-368069390.json"}},{"package":{"name":"platform/system/core","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2025-02-01"}]}],"versions":["13"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/core/+/d94e6c537fd8283a33d899d627ff154cc2af2d10"],"vanir_signatures":[{"target":{"file":"fs_mgr/libdm/dm.cpp","function":"DeviceMapper::GetTable"},"signature_type":"Function","id":"ASB-A-368069390-44d783c1","digest":{"length":1113,"function_hash":"108302958928813557393787361343075606179"},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/d94e6c537fd8283a33d899d627ff154cc2af2d10"},{"target":{"file":"fs_mgr/libdm/dm.cpp"},"signature_type":"Line","id":"ASB-A-368069390-860c6d6a","digest":{"threshold":0.9,"line_hashes":["66071317781752963516926638938244070180","221698904397698559435883749761791442100","334722030814171978146408266846367485174","62708272299338636022665327483800029315","263494544919952387351647817158078911464","289259756623168733243553524807383202449","43039980192724340038185978070021869862"]},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/d94e6c537fd8283a33d899d627ff154cc2af2d10"}],"types":["ID"],"spl":"2025-02-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-368069390.json"}},{"package":{"name":"platform/system/core","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2025-02-01"}]}],"versions":["14"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/core/+/9b9233f4c1c31819fcd0fbc761f3b7ba6bd94344"],"vanir_signatures":[{"target":{"file":"fs_mgr/libdm/dm.cpp","function":"DeviceMapper::GetTable"},"signature_type":"Function","id":"ASB-A-368069390-44ebaa6b","digest":{"length":1113,"function_hash":"108302958928813557393787361343075606179"},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/9b9233f4c1c31819fcd0fbc761f3b7ba6bd94344"},{"target":{"file":"fs_mgr/libdm/dm.cpp"},"signature_type":"Line","id":"ASB-A-368069390-c0beff55","digest":{"threshold":0.9,"line_hashes":["66071317781752963516926638938244070180","221698904397698559435883749761791442100","334722030814171978146408266846367485174","62708272299338636022665327483800029315","263494544919952387351647817158078911464","289259756623168733243553524807383202449","43039980192724340038185978070021869862"]},"signature_version":"v1","deprecated":false,"source":"https://android.googlesource.com/platform/system/core/+/9b9233f4c1c31819fcd0fbc761f3b7ba6bd94344"}],"types":["ID"],"spl":"2025-02-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-368069390.json"}}],"schema_version":"1.7.5"}