{"id":"ASB-A-222166527", "published":"2022-12-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2022-20502", "A-222166527"], "details":"In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/art", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2022-12-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/art/+/1ee0290eed24868826ad99678cc58eee425ecba8"], "severity":"High", "spl":"2022-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["235881377265982734315241633510260354216", "270239985225514015884504015035684228793", "10059235942065569592591306243256186506"], "threshold":0.9}, "id":"ASB-A-222166527-0c3d0612", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/art/+/1ee0290eed24868826ad99678cc58eee425ecba8", "target":{"file":"runtime/class_linker.cc"}}, {"deprecated":false, "digest":{"line_hashes":["71407768609025779943647605851062947084", "231448601979646057492220449142490098289", "101004473502411423060817344107809267897", "4666280352048265623534093757599548744"], "threshold":0.9}, "id":"ASB-A-222166527-35e81c35", "match_only_versions":["13"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/art/+/1ee0290eed24868826ad99678cc58eee425ecba8", "target":{"file":"runtime/class_linker.h"}}, {"deprecated":false, "digest":{"line_hashes":["224633646189388580329569994623457295844", "180255055740417429932114057942854935580", "153984034873157555044294756773927580993", "218043941733532718263172998565117627125"], "threshold":0.9}, "id":"ASB-A-222166527-3b5aba53", "match_only_versions":["13"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/art/+/1ee0290eed24868826ad99678cc58eee425ecba8", "target":{"file":"runtime/native/dalvik_system_DexFile.cc"}}, {"deprecated":false, "digest":{"function_hash":"310321501238726500791910867729928366774", "length":1123}, "id":"ASB-A-222166527-e2dc99f3", "match_only_versions":["13"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/art/+/1ee0290eed24868826ad99678cc58eee425ecba8", "target":{"file":"runtime/native/dalvik_system_DexFile.cc", "function":"DexFile_closeDexFile"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/art/+/1ee0290eed24868826ad99678cc58eee425ecba8"}]}