{"id":"ASB-A-176444786", "published":"2021-04-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2021-0471", "A-176444786"], "details":"In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/hardware/interfaces", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"8.1:0"}, {"fixed":"8.1:2021-04-01"}]}], "versions":["8.1"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/072cdf233c02d1dc3eb8b2e20498675aea70c21d"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["72604702727132455093240508622843862530", "285452902553993665142066946687343539874", "218531093682696242280487765664984289807", "216212382440762221775916728536235072685"], "threshold":0.9}, "id":"ASB-A-176444786-adfb5c33", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/interfaces/+/072cdf233c02d1dc3eb8b2e20498675aea70c21d", "target":{"file":"drm/1.0/default/CryptoPlugin.cpp"}}]}}, {"package":{"name":"platform/frameworks/av", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-04-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/av/+/a7dd68bd2ef09f4e38621e29fea55e59ffbc195b"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["72604702727132455093240508622843862530", "285452902553993665142066946687343539874", "218531093682696242280487765664984289807", "216212382440762221775916728536235072685"], "threshold":0.9}, "id":"ASB-A-176444786-1676ef9a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/a7dd68bd2ef09f4e38621e29fea55e59ffbc195b", "target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"}}, {"deprecated":false, "digest":{"function_hash":"306052193088613669448213253568073320311", "length":4061}, "id":"ASB-A-176444786-dc29ed12", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/a7dd68bd2ef09f4e38621e29fea55e59ffbc195b", "target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp", "function":"CryptoPlugin::decrypt"}}]}}, {"package":{"name":"platform/hardware/interfaces", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-04-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/c9b5693c7f024a6b0c7fc59123dbc313ecbf6e9b"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["72604702727132455093240508622843862530", "285452902553993665142066946687343539874", "218531093682696242280487765664984289807", "216212382440762221775916728536235072685"], "threshold":0.9}, "id":"ASB-A-176444786-cc03fa12", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/interfaces/+/c9b5693c7f024a6b0c7fc59123dbc313ecbf6e9b", "target":{"file":"drm/1.0/default/CryptoPlugin.cpp"}}]}}, {"package":{"name":"platform/frameworks/av", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-04-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"48593166569661308537903166270456012967", "length":4064}, "id":"ASB-A-176444786-40c9507b", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5", "target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp", "function":"CryptoPlugin::decrypt_1_2"}}, {"deprecated":false, "digest":{"line_hashes":["322851236290323917175235985476814994833", "333424594500798816566744926216353382181", "37501043312926675037699351634321821112", "177838551671140028423684870174218129777"], "threshold":0.9}, "id":"ASB-A-176444786-d25e008b", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5", "target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"}}]}}, {"package":{"name":"platform/hardware/interfaces", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-04-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["72604702727132455093240508622843862530", "285452902553993665142066946687343539874", "218531093682696242280487765664984289807", "216212382440762221775916728536235072685"], "threshold":0.9}, "id":"ASB-A-176444786-3b3ebd8d", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c", "target":{"file":"drm/1.0/default/CryptoPlugin.cpp"}}]}}, {"package":{"name":"platform/frameworks/av", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-04-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"48593166569661308537903166270456012967", "length":4064}, "id":"ASB-A-176444786-4979bd77", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5", "target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp", "function":"CryptoPlugin::decrypt_1_2"}}, {"deprecated":false, "digest":{"line_hashes":["322851236290323917175235985476814994833", "333424594500798816566744926216353382181", "37501043312926675037699351634321821112", "177838551671140028423684870174218129777"], "threshold":0.9}, "id":"ASB-A-176444786-91c815ee", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/9bae1251cfbc6fde87896bf1264dd0bbded7c5e5", "target":{"file":"drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp"}}]}}, {"package":{"name":"platform/hardware/interfaces", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-04-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c"], "severity":"High", "spl":"2021-04-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["72604702727132455093240508622843862530", "285452902553993665142066946687343539874", "218531093682696242280487765664984289807", "216212382440762221775916728536235072685"], "threshold":0.9}, "id":"ASB-A-176444786-dd41ed02", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/interfaces/+/c14f262876818498b3ca77f1d6df9d4fb7e77b1c", "target":{"file":"drm/1.0/default/CryptoPlugin.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-04-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/av/+/14937e01950dc4bce459c18fca9ef13dd3db5f8f"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/hardware/interfaces/+/2658c0da40fabf8fff9a765ebd5c5b293c4b57e8"}]}