{"id":"ASB-A-252763983", "published":"2023-05-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-21112", "A-252763983"], "details":"In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/hardware/nxp/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-05-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"], "severity":"High", "spl":"2023-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-08628712", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-6c8b5605", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-76b70cae", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-bb9dd33f", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"}}]}}, {"package":{"name":"platform/hardware/nxp/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2023-05-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/67e1db04f568cf50c90758272ceca93426aba932"], "severity":"High", "spl":"2023-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-9b45cb74", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/67e1db04f568cf50c90758272ceca93426aba932", "target":{"file":"halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-efd04272", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/67e1db04f568cf50c90758272ceca93426aba932", "target":{"file":"halimpl/mifare/NxpMfcReader.cc"}}]}}, {"package":{"name":"platform/hardware/nxp/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-05-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"], "severity":"High", "spl":"2023-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-16f7f721", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-1c88b988", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"}}, {"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-e1952f90", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-ec0f6685", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"}}]}}, {"package":{"name":"platform/hardware/nxp/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-05-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"], "severity":"High", "spl":"2023-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-3d6c4ce5", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"}}, {"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-732c92c7", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-9e5854c9", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-f13d3baf", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"}}]}}, {"package":{"name":"platform/hardware/nxp/nfc", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-05-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c"], "severity":"High", "spl":"2023-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-4dd0fded", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc"}}, {"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-67c3d35a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"function_hash":"217768603380171297613270030606270843987", "length":1390}, "id":"ASB-A-252763983-eaccfcca", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"snxxx/halimpl/mifare/NxpMfcReader.cc", "function":"NxpMfcReader::AnalyzeMfcResp"}}, {"deprecated":false, "digest":{"line_hashes":["64284978509830298798730183538658890155", "161084689393964153539491505797652199006", "252132195742022893447742066666725943805", "126108868847444204655071566216860054307"], "threshold":0.9}, "id":"ASB-A-252763983-f164f37f", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/69c53a6f1bca6d450e5100c1044114ffad615e5c", "target":{"file":"pn8x/halimpl/mifare/NxpMfcReader.cc"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-05-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/hardware/nxp/nfc/+/a20d5962d9350409204535b145826a41a7a3262d"}]}