{"id":"ASB-A-142641801", "published":"2020-10-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2020-0411", "A-142641801"], "details":"In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/av", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2020-10-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/av/+/7c67c79fff14cf28a19fda1bfb532804759f85fe"], "severity":"High", "spl":"2020-10-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"65213015492553564256562436336401197530", "length":1060}, "id":"ASB-A-142641801-5ee77bb4", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/7c67c79fff14cf28a19fda1bfb532804759f85fe", "target":{"file":"media/extractors/aac/AACExtractor.cpp", "function":"AACExtractor::AACExtractor"}}, {"deprecated":false, "digest":{"function_hash":"143615920421606870576936449432471438581", "length":58}, "id":"ASB-A-142641801-9cd38c65", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/7c67c79fff14cf28a19fda1bfb532804759f85fe", "target":{"file":"media/extractors/aac/AACExtractor.cpp", "function":"AACExtractor::~AACExtractor"}}, {"deprecated":false, "digest":{"line_hashes":["191848142092142630538604207444086013613", "22345010123095754324836698976264976097", "209135174585895537728207159428872699704", "307932805212158171651718550100793887349", "291636052134706321534792820181675351512", "100484507152484824400443209137850391442", "288677122083405566648576577194490985514", "242414535882060390204977986569306640383"], "threshold":0.9}, "id":"ASB-A-142641801-a1bc6e0d", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/7c67c79fff14cf28a19fda1bfb532804759f85fe", "target":{"file":"media/extractors/aac/AACExtractor.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2020-10-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/av/+/7c67c79fff14cf28a19fda1bfb532804759f85fe"}]}