{"id":"ASB-A-179289794", "published":"2021-08-01T00:00:00Z", "modified":"2026-06-17T15:23:34.405473849Z", "aliases":["CVE-2021-0584", "A-179289794"], "details":"In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/system/libhwbinder", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"8.1:0"}, {"fixed":"8.1:2021-08-01"}]}], "versions":["8.1"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727"], "severity":"High", "spl":"2021-08-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["325599397596845452481809517798725619411", "194656175227832530681856636993876822408", "240522512309630831697827857464120036961", "63023319149774050960125992398873200987", "205879405849160747787221672290716914042", "162014434744595104773157896709035543730", "258700938104834660101236907796835137078", "314323719013134859579236106665302376163", "166477517462940330522070528228931928535", "59254245627366596380999862892490374434", "39420034797288479929994124554766835426", "171365461939402218713122162227536029160", "214503834139203736730554835181702466872", "122863020909167860727369289454875192014", "28055780445704371009197358973970645490"], "threshold":0.9}, "id":"ASB-A-179289794-1c731208", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp"}}, {"deprecated":false, "digest":{"function_hash":"295105154607713976881775911547281139911", "length":1819}, "id":"ASB-A-179289794-58fef250", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::readNullableNativeHandleNoDup"}}, {"deprecated":false, "digest":{"function_hash":"336706131709240202911794390429646936666", "length":893}, "id":"ASB-A-179289794-e95d253c", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::verifyBufferObject"}}]}}, {"package":{"name":"platform/system/libhwbinder", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-08-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727"], "severity":"High", "spl":"2021-08-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"336706131709240202911794390429646936666", "length":893}, "id":"ASB-A-179289794-10fdcbd1", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::verifyBufferObject"}}, {"deprecated":false, "digest":{"function_hash":"295105154607713976881775911547281139911", "length":1819}, "id":"ASB-A-179289794-a0f87671", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::readNullableNativeHandleNoDup"}}, {"deprecated":false, "digest":{"line_hashes":["325599397596845452481809517798725619411", "194656175227832530681856636993876822408", "240522512309630831697827857464120036961", "63023319149774050960125992398873200987", "205879405849160747787221672290716914042", "162014434744595104773157896709035543730", "258700938104834660101236907796835137078", "314323719013134859579236106665302376163", "166477517462940330522070528228931928535", "59254245627366596380999862892490374434", "39420034797288479929994124554766835426", "171365461939402218713122162227536029160", "214503834139203736730554835181702466872", "122863020909167860727369289454875192014", "28055780445704371009197358973970645490"], "threshold":0.9}, "id":"ASB-A-179289794-c549c0d4", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp"}}]}}, {"package":{"name":"platform/system/libhwbinder", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-08-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727"], "severity":"High", "spl":"2021-08-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["325599397596845452481809517798725619411", "194656175227832530681856636993876822408", "240522512309630831697827857464120036961", "63023319149774050960125992398873200987", "205879405849160747787221672290716914042", "162014434744595104773157896709035543730", "258700938104834660101236907796835137078", "314323719013134859579236106665302376163", "166477517462940330522070528228931928535", "59254245627366596380999862892490374434", "39420034797288479929994124554766835426", "171365461939402218713122162227536029160", "214503834139203736730554835181702466872", "122863020909167860727369289454875192014", "28055780445704371009197358973970645490"], "threshold":0.9}, "id":"ASB-A-179289794-36e3ccbe", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp"}}, {"deprecated":false, "digest":{"function_hash":"336706131709240202911794390429646936666", "length":893}, "id":"ASB-A-179289794-6e37e456", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::verifyBufferObject"}}, {"deprecated":false, "digest":{"function_hash":"295105154607713976881775911547281139911", "length":1819}, "id":"ASB-A-179289794-c9d6c037", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::readNullableNativeHandleNoDup"}}]}}, {"package":{"name":"platform/system/libhwbinder", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-08-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727"], "severity":"High", "spl":"2021-08-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"336706131709240202911794390429646936666", "length":893}, "id":"ASB-A-179289794-97f0a065", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::verifyBufferObject"}}, {"deprecated":false, "digest":{"function_hash":"295105154607713976881775911547281139911", "length":1819}, "id":"ASB-A-179289794-b082a438", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp", "function":"Parcel::readNullableNativeHandleNoDup"}}, {"deprecated":false, "digest":{"line_hashes":["325599397596845452481809517798725619411", "194656175227832530681856636993876822408", "240522512309630831697827857464120036961", "63023319149774050960125992398873200987", "205879405849160747787221672290716914042", "162014434744595104773157896709035543730", "258700938104834660101236907796835137078", "314323719013134859579236106665302376163", "166477517462940330522070528228931928535", "59254245627366596380999862892490374434", "39420034797288479929994124554766835426", "171365461939402218713122162227536029160", "214503834139203736730554835181702466872", "122863020909167860727369289454875192014", "28055780445704371009197358973970645490"], "threshold":0.9}, "id":"ASB-A-179289794-c33b693a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libhwbinder/+/fcd86bd0d1b4cfea480a2682c354fb40039f0727", "target":{"file":"Parcel.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-08-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/system/libhwbinder/+/cb835a500f3d4de152777e3f13db5ab969285633"}]}