{"id":"PUB-A-236098131","details":"In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-236098131","CVE-2023-21022"],"modified":"2026-05-29T15:55:33.750044621Z","published":"2023-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f"}],"affected":[{"package":{"name":"platform/external/angle","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-03-01"}]}],"versions":["13"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f"],"vanir_signatures":[{"source":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f","deprecated":false,"id":"PUB-A-236098131-258f5b7d","target":{"file":"src/libANGLE/renderer/vulkan/vk_utils.cpp","function":"BufferBlock::init"},"signature_version":"v1","digest":{"function_hash":"312424243475447972951397116783860326816","length":689},"signature_type":"Function"},{"digest":{"function_hash":"49859825237849552993661624816855387030","length":113},"deprecated":false,"id":"PUB-A-236098131-b5684474","target":{"file":"src/libANGLE/renderer/vulkan/vk_utils.cpp","function":"BufferBlock::free"},"signature_version":"v1","source":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f","signature_type":"Function"},{"digest":{"function_hash":"254242747268667631660176332908487419378","length":199},"target":{"file":"src/libANGLE/renderer/vulkan/vk_utils.h","function":"BufferBlock::allocate"},"id":"PUB-A-236098131-d5f56ec2","deprecated":false,"signature_version":"v1","source":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f","signature_type":"Function"},{"digest":{"line_hashes":["185008097289234718892542280097379820669","197258037117912360592884336141367862794","30625843257666756784118487653231575209","192602765654855706560411289887096111434","153344503973348396408866881774445322144","59922267064555091853461120713006096066","14855274601849302281101981407249101143","77586242179892999185056300704968873760","260307325678913186592310664343072155219","145377779437221822884367306915131879841","333606360750516297316046412965691314774","170340294485382385987572707253975198685"],"threshold":0.9},"deprecated":false,"id":"PUB-A-236098131-d68e63cc","target":{"file":"src/libANGLE/renderer/vulkan/vk_utils.h"},"signature_version":"v1","source":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f","signature_type":"Line"},{"source":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f","deprecated":false,"id":"PUB-A-236098131-dd37174b","target":{"file":"src/libANGLE/renderer/vulkan/vk_utils.cpp"},"signature_version":"v1","digest":{"line_hashes":["44219688261391596294808338980282338057","263025499028266146160009001923106590545","42459399223023389141309687994939061003","3884911654254297185112329214912007163","50091932843293555970856154329091221440","274969973337845619552651654631387332560","166106399822272468763909440390389018666","137708084973619337503766130510011064589"],"threshold":0.9},"signature_type":"Line"},{"source":"https://android.googlesource.com/platform/external/angle/+/773cf6a7f85d7d28588d9d7af417b8afb97d9f4f","deprecated":false,"id":"PUB-A-236098131-ebd60c59","target":{"file":"src/libANGLE/renderer/vulkan/vk_utils.h","function":"BufferBlock::isEmpty"},"signature_version":"v1","digest":{"function_hash":"275155380519854345743632118403368138732","length":141},"signature_type":"Function"}],"types":["EoP"],"spl":"2023-03-01","severity":"Moderate"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-236098131.json"}}],"schema_version":"1.7.5"}