{"id":"ASB-A-202159709", "published":"2022-01-01T00:00:00Z", "modified":"2026-07-09T15:25:53.339171538Z", "aliases":["CVE-2021-39632", "A-202159709"], "details":"In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/bootable/recovery", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2022-01-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/bootable/recovery/+/855803fd4af68b9f73121c5aa9b6c02c59ada944"], "severity":"High", "spl":"2022-01-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["251878211765381436121786525095445573179", "326917265067444861141647994882588464505", "195134354338674316384953995643263581076", "329915135484451349951781172360289556545", "185702696460615040690229168224222617743", "209782024027139824060767062560107309639", "174819193390521436516379146900120638442", "132100487275494377663344102362761892785", "319649251948772840882092384824874929305", "276551611381577043650032261245716122927", "34487796864078359551710751774194938446", "52405906165327343010616170879870065778"], "threshold":0.9}, "id":"ASB-A-202159709-0e611d65", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/bootable/recovery/+/855803fd4af68b9f73121c5aa9b6c02c59ada944", "target":{"file":"minui/events.cpp"}}, {"deprecated":false, "digest":{"function_hash":"323128088944193993090862572043926931314", "length":1130}, "id":"ASB-A-202159709-37bae723", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/bootable/recovery/+/855803fd4af68b9f73121c5aa9b6c02c59ada944", "target":{"file":"minui/events.cpp", "function":"inotify_cb"}}]}}, {"package":{"name":"platform/bootable/recovery", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2022-01-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/bootable/recovery/+/187a6ec5483e2102568a904cc091e3eba5a00187"], "severity":"High", "spl":"2022-01-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"323128088944193993090862572043926931314", "length":1130}, "id":"ASB-A-202159709-1cda0c34", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/bootable/recovery/+/187a6ec5483e2102568a904cc091e3eba5a00187", "target":{"file":"minui/events.cpp", "function":"inotify_cb"}}, {"deprecated":false, "digest":{"line_hashes":["251878211765381436121786525095445573179", "326917265067444861141647994882588464505", "195134354338674316384953995643263581076", "329915135484451349951781172360289556545", "185702696460615040690229168224222617743", "209782024027139824060767062560107309639", "174819193390521436516379146900120638442", "132100487275494377663344102362761892785", "319649251948772840882092384824874929305", "276551611381577043650032261245716122927", "34487796864078359551710751774194938446", "52405906165327343010616170879870065778"], "threshold":0.9}, "id":"ASB-A-202159709-3d8afb27", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/bootable/recovery/+/187a6ec5483e2102568a904cc091e3eba5a00187", "target":{"file":"minui/events.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-01-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/bootable/recovery/+/f0a760b3a154ad328c682ec8559287befff14945"}]}