{"id":"ASB-A-246932269", "published":"2023-02-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-20945", "A-246932269"], "details":"In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/apps/Nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2023-02-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/Nfc/+/2e4dfa6c92de30907851914add6485f8b7920968"], "severity":"High", "spl":"2023-02-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"291295663468966505317516086465492132836", "length":359}, "id":"ASB-A-246932269-cf4ba7bf", "match_only_versions":["10"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Nfc/+/2e4dfa6c92de30907851914add6485f8b7920968", "target":{"file":"nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.cpp", "function":"phNciNfc_MfCreateXchgDataHdr"}}, {"deprecated":false, "digest":{"line_hashes":["331621049285636605087812950969410737608", "85262197089860247853335490100764795172", "261718335795557197149375020778461234828"], "threshold":0.9}, "id":"ASB-A-246932269-ea39f7cc", "match_only_versions":["10"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Nfc/+/2e4dfa6c92de30907851914add6485f8b7920968", "target":{"file":"nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-02-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/apps/Nfc/+/4a964908ff0bd91d93f96cdc26f7377420c58273"}]}