{"id":"PUB-A-253270285","details":"In convertCbYCrY of ColorConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-253270285","CVE-2023-21168"],"modified":"2026-05-27T15:53:17.428190120Z","published":"2023-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-06-01"}],"affected":[{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-06-01"}]}],"versions":["13-next"],"ecosystem_specific":{"spl":"2023-06-01","types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f"],"severity":"Moderate","vanir_signatures":[{"signature_type":"Function","id":"PUB-A-253270285-6d297dc3","source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","digest":{"length":915,"function_hash":"123988967678890240294577453835414320223"},"signature_version":"v1","target":{"function":"getReadFromSrc","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Line","id":"PUB-A-253270285-72942b13","source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","digest":{"threshold":0.9,"line_hashes":["247606929921569637163089663459307512815","162468755297891912520422811693842132036","254432283313079325491194098881992855387","38881760499021515293662628603536897904","328226532138181082401936676670306588090","223829474420745526143126951000763899214","89207115104440282910131881837841512723","37105404677024232302250704522779804820","191072364846845926947077829811628946789","254905477409565341869506942169404237354","230556549267049151037759073922662946064","132689681402242674585451810505020103616","127374590885222521170458991891530404016","37792625455219703577659786099840613656","334346829381369127124127847900752248974","251027418843848625708820634607306862935","252267306090320544493362491608696949966","304388302561184395785218750226908815079","302257822095487733467440345717112928434","51517603708237311385015694210021784755","153852415568437632301780515290025639024","222671634347578686984383990285938928500","64737848183103375083224713255938333630","309718538296508665938643380545298306683","326783346937967787988499727122846398347","188716468207015984329505888894128118422","173909383261093392288234898638705334209","2795576634361627858378244162203156224","277019259381017583880767045344505972759","127591723109083262272306948022416211084","244212880500451180977978914472399953275","245962444517351300916559881204843075394","108264517671512425861420479481068638280","266156898699292782649407271617747039532","88990028098950162462757902336410846998","86554587238856826418566951732715549806","179841912767205726522844395268755182685","258935848626569663700681253271609166599","286009444894696987403124801589270818407","152068414452839869933155231066257268780","274223732432458761780875226743089912887","245962444517351300916559881204843075394","327663425995239953195917693979278945829","122403152652220414800525444798360945519","138160945716980754434899655271767454546","258713258250791638393243588466923101301","326420902817349070757773297337322329403","1668478677806568720607612099697871094","259149532170830187873756892469351622375","43827774730289096105614596117763855572","311381044966032296506437904171191058104","322622525603614549278974782514718083560","93328457853236515700818708390660839266","79381425374988155611771167746572191424","37650678641863238555968970234472570383","322960926552301589612007239303523125546","17562178531261807354693057721626487772","324319691231371479834091629622722939693","331667421718573721976660854424528278825","19065740997626026515176964334817499385","246057523372482277008534301905817602565","241897056460525402074328496747551091226","122496031412997421973013804924399759407","40778205112221055732915665459379534726","221767472228342591091669781024425144422"]},"signature_version":"v1","target":{"file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-79e84056","signature_version":"v1","digest":{"length":386,"function_hash":"76283737745877963792457644205336706908"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","target":{"function":"ColorConverter::convertTIYUV420PackedSemiPlanar","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-a5f48cfa","signature_version":"v1","digest":{"length":1900,"function_hash":"196635619474923974999661075454352066057"},"target":{"function":"ColorConverter::convertCbYCrY","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-bfc10c17","signature_version":"v1","digest":{"length":805,"function_hash":"131743926513006185395435228416380509161"},"target":{"function":"ColorConversionFuzzer::getFrameSize","file":"media/libstagefright/colorconversion/fuzzer/color_conversion_fuzzer.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","deprecated":false},{"signature_type":"Line","id":"PUB-A-253270285-c4c6ab36","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["218621079050653049139810160769239426565","108659759287823854966032310642045376969","92455655434855914212888217653088167019","227302074224894561506382621427985180267","187414483899263778587979468452781787230","214110847614600612348865867415367245332","163472157240168647643119683323031868073"]},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","target":{"file":"media/libstagefright/include/media/stagefright/ColorConverter.h"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-c5c975e4","signature_version":"v1","digest":{"length":1910,"function_hash":"239512189187503554837704287213771624329"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","target":{"function":"ColorConverter::convert","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Line","id":"PUB-A-253270285-dfdc3f36","target":{"file":"media/libstagefright/colorconversion/fuzzer/color_conversion_fuzzer.cpp"},"digest":{"threshold":0.9,"line_hashes":["165488080103468868855818276930705579619","291697450291301355739440695941383161090","161276000092022105230073210195997540165","135212426967586381271980294992681211221","206064782891592509690218425122761889639","335133680877517350073721952159561753370","161996591879633750008082456825890203320","189889676744187243835150914468573082182"]},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","signature_version":"v1","deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-e0d6185b","signature_version":"v1","digest":{"length":418,"function_hash":"336745774048628856118042949219496504276"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","target":{"function":"ColorConverter::convertQCOMYUV420SemiPlanar","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-f95cfaec","target":{"function":"ColorConverter::convertYUV420SemiPlanarBase","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"digest":{"length":1979,"function_hash":"238372230084816672022644670230890856922"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","signature_version":"v1","deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-ffcacf9f","signature_version":"v1","digest":{"length":429,"function_hash":"218366344756698997654754663693312477268"},"target":{"function":"ColorConverter::convertYUV420SemiPlanar","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/c08c1043f5885aa068aedbdf51d24fe9e263553f","deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-253270285.json"}},{"package":{"name":"platform/frameworks/av","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-06-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2023-06-01","types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef"],"severity":"Moderate","vanir_signatures":[{"signature_type":"Function","id":"PUB-A-253270285-015d8fda","signature_version":"v1","digest":{"length":386,"function_hash":"76283737745877963792457644205336706908"},"target":{"function":"ColorConverter::convertTIYUV420PackedSemiPlanar","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-12236729","signature_version":"v1","digest":{"length":1979,"function_hash":"238372230084816672022644670230890856922"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","target":{"function":"ColorConverter::convertYUV420SemiPlanarBase","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-1d1f4a59","signature_version":"v1","digest":{"length":418,"function_hash":"336745774048628856118042949219496504276"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","target":{"function":"ColorConverter::convertQCOMYUV420SemiPlanar","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-5fa7a06e","signature_version":"v1","digest":{"length":1900,"function_hash":"196635619474923974999661075454352066057"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","target":{"function":"ColorConverter::convertCbYCrY","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-64b0fd9f","signature_version":"v1","digest":{"length":915,"function_hash":"123988967678890240294577453835414320223"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","target":{"function":"getReadFromSrc","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-6d42617a","target":{"function":"ColorConverter::convert","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"digest":{"length":1910,"function_hash":"239512189187503554837704287213771624329"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"PUB-A-253270285-77e262c0","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["247606929921569637163089663459307512815","162468755297891912520422811693842132036","254432283313079325491194098881992855387","38881760499021515293662628603536897904","328226532138181082401936676670306588090","223829474420745526143126951000763899214","89207115104440282910131881837841512723","37105404677024232302250704522779804820","191072364846845926947077829811628946789","254905477409565341869506942169404237354","230556549267049151037759073922662946064","132689681402242674585451810505020103616","127374590885222521170458991891530404016","37792625455219703577659786099840613656","334346829381369127124127847900752248974","251027418843848625708820634607306862935","252267306090320544493362491608696949966","304388302561184395785218750226908815079","302257822095487733467440345717112928434","51517603708237311385015694210021784755","153852415568437632301780515290025639024","222671634347578686984383990285938928500","64737848183103375083224713255938333630","309718538296508665938643380545298306683","326783346937967787988499727122846398347","188716468207015984329505888894128118422","173909383261093392288234898638705334209","2795576634361627858378244162203156224","277019259381017583880767045344505972759","127591723109083262272306948022416211084","244212880500451180977978914472399953275","245962444517351300916559881204843075394","108264517671512425861420479481068638280","266156898699292782649407271617747039532","88990028098950162462757902336410846998","86554587238856826418566951732715549806","179841912767205726522844395268755182685","258935848626569663700681253271609166599","286009444894696987403124801589270818407","152068414452839869933155231066257268780","274223732432458761780875226743089912887","245962444517351300916559881204843075394","327663425995239953195917693979278945829","122403152652220414800525444798360945519","138160945716980754434899655271767454546","258713258250791638393243588466923101301","326420902817349070757773297337322329403","1668478677806568720607612099697871094","259149532170830187873756892469351622375","43827774730289096105614596117763855572","311381044966032296506437904171191058104","322622525603614549278974782514718083560","93328457853236515700818708390660839266","79381425374988155611771167746572191424","37650678641863238555968970234472570383","322960926552301589612007239303523125546","17562178531261807354693057721626487772","324319691231371479834091629622722939693","331667421718573721976660854424528278825","19065740997626026515176964334817499385","246057523372482277008534301905817602565","241897056460525402074328496747551091226","122496031412997421973013804924399759407","40778205112221055732915665459379534726","221767472228342591091669781024425144422"]},"target":{"file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","deprecated":false},{"signature_type":"Function","id":"PUB-A-253270285-83b84378","source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","digest":{"length":429,"function_hash":"218366344756698997654754663693312477268"},"signature_version":"v1","target":{"function":"ColorConverter::convertYUV420SemiPlanar","file":"media/libstagefright/colorconversion/ColorConverter.cpp"},"deprecated":false},{"signature_type":"Line","id":"PUB-A-253270285-bb8a19cc","source":"https://android.googlesource.com/platform/frameworks/av/+/9911928440f6bd233806d83d179947f103ebc6ef","digest":{"threshold":0.9,"line_hashes":["218621079050653049139810160769239426565","108659759287823854966032310642045376969","92455655434855914212888217653088167019","227302074224894561506382621427985180267","187414483899263778587979468452781787230","214110847614600612348865867415367245332","163472157240168647643119683323031868073"]},"signature_version":"v1","target":{"file":"media/libstagefright/include/media/stagefright/ColorConverter.h"},"deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-253270285.json"}}],"schema_version":"1.7.5"}